IN THE UNITED STATE? PATENT AND TRAPEMARK QFFICE 



Patentee: Jacobson 

Patent No.: 7,231,668 

Application No. 10/815,092 

Issued: 12 June 2007 

Title: Network Policy Management And 
Effectiveness System 

Attorney Ref. No.: 065426.0002 



Examiner: N. Wright 
Art Unit: 2134 



Petition FOr Acceptance Of Unintentionally Delayed Claim For Priority 

Mail Stop Petition 
Commissioner of Patents 
Post Office Box 1450 
Alexandria, Virginia 22313 1450 

Dear Sir: 

Applicant respectfully requests the Office grant this Petition for acceptance of an 
unintentionally delayed claim for priority. In support of her Petition, Applicant states as 
follows: 



On 12 June 2007, U.S. Patent No. 7,231,668 ("the '668 Patent") issued. The 
'668 Patent issued on U.S. Patent Application No. 10/815,092 ("the '092 Application"), 
which was filed on 31 March 2004. Counsel of record at the time of the filing of the '092 
Application was Moore, Hansen & Sumner of Minneapolis, Minnesota. As part of the 
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filing of the '092 Application, Moore, Hansen & Sumner included a Utility Patent 
Application Transmittal (attached hereto as Exhibit A), which indicated that the '092 
Application is a Continuation Application of U.S. Patent Application No. 09/104,946 ("the 
'946 Application), and, consequently, claims priority thereto. The '946 Application was 
filed on 25 June 1998 by Merchant, Gould, Smith, Edell, Welter & Schmidt, also of 
Minneapolis, Minnesota. 

Additionally indicated on the Utility Patent Application Transmittal was the 
notation that the Declaration of Inventorship was that from the '946 Application. A copy 
of the Declaration was also included with the initial filing of the '092 Application. This 
copy is attached hereto as Exhibit B. 

Finally, also included with the initial filing of the '092 Application, Moore, Hansen 
& Sumner provided a Preliminary Amendment, in which the Office was requested to 
"amend the attached new continuation application as follows." This Preliminary 
Amendment is attached hereto as Exhibit C. 

Counsel of record for the '092 Application then proceeded to LeFevour Law 
Group, LLC of Western Springs, Illinois on 15 March 2006. On 24 March 2006, the 
Office issued an Office Communication, in which it established a Statutory Double 
Patenting Rejection, based on the '946 Application, which had. by then, issued as U.S. 
Patent No. 6,735,701 ("the '701 Patent"). A copy of the 24 March 2006 Office 
Communication is attached hereto as Exhibit D. 

Applicant's current counsel ascended to counsel of record on 12 September 
2006. From the time that Applicant's current counsel became counsel of record in the 
'092 Application until the issuance of the '668 Patent, each time Applicant's current 
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counsel reviewed the Private PAIR system on the Office's Web page, the Image File 
Wrapper maintained by the PAIR system indicated that the '092 Application maintained 
a claim for priority, as a Continuation, to the 701 Patent. See, e.g., Bibliographic Data 
Sheets from 24 March 2006 and 10 October 2006, collectively attached hereto as 
Exhibit E. 

Upon receiving and reviewing the '668 Patent, it was realized that the claim for 
priority was not indicated on the face of the '668 Patent. Consequently, on 23 October 
2007, Applicant requested a Certificate of Correction be entered in the '668 Patent, 
indicating the claim for priority. A copy of the Certificate of Correction Request is 
attached hereto as Exhibit F. 

This request was denied on 27 December 2007. In the Denial, it was stated that 
u [a]n amendment containing a specific reference to the earlier filed application has not 
been submitted nor was such a reference submitted during the pendency of the 
application." Further, the Office indicated that u [a] grantable petition to accept [an 
unintentional] claim for benefit of the prior application must be filed, including surcharge 
37 CFR 1.17(e). A copy of this Denial is attached hereto as Exhibit G. 

Unfortunately, Applicant's counsel of record did not receive the Notice of denial 
of the Certificate of Correction through the U.S. Postal Service. Rather, upon its regular 
Six (6) Month status check, which included a search of the PAIR system on the USPTO 
Web Page, Applicant's counsel of record downloaded the Denial on or around 23 April 
2008. 

Upon receiving the Denial, Applicant's counsel of record immediately undertook a 
review of the file history of the '092 Application to determine what exactly occurred, 



3/5 



In re Patent of: Jacobson Examiner: N. Wright 

Patent No.: 7,231.668 Art Unit: 2134 



given the fact that Applicant's counsel of record was not counsel of record throughout 
the prosecution of the '092 Application. As a result of Applicant's counsel's 
investigation, it has since come to the attention of Applicant's counsel of record that, 
although previous counsel of record indicated on the Utility Patent Transmittal Form 
(Exhibit A), that the '092 Application claims priority, as a Continuation, to what would 
eventually become the 701 Patent, a specific claim for priority in the '092 Application 
was unintentionally omitted. 

Consequently, Applicant respectfully requests that the above-captioned U.S. 
Patent be amended to indicate that it is a Continuation Application, claiming priority to 
U.S. Patent No. 6,735,701. A copy of the 701 Patent is attached hereto as Exhibit H. 
Additionally, Applicant states that the entire delay between the time the claim for priority 
was due and today's date (i.e., the date this Petition is filed) is unintentional. 

Further, Applicant understands that a surcharge under 37 CFR 1.1 7(t) is required 
with this Petition. This Fee may be charged to Deposit Account No. 042223. Further, 
any other fees relating to this Petition may also be charged to Deposit Account No. 
042223. 
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Please contact the undersigned Patentee's Attorney Of Record if there are any 
questions. 



Respectfully submitted, 



Date: 22 July 2008 / Timothy M. Morella/ 

Timothy M. Morella 
Reg. No. 45,277 

Dykema Gossett PLLC 
Ten South Wacker Drive 
Chicago, Illinois 60606 7453 
312 627 2592 (Voice) 
312 627 2302 (Facsimile) 

CHICAG0\2475697.1 
IDYTMMO 
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UTILITY PATENT APPLICATION TRANSMITTAL 

(New Nonprovisional Applications Under 37 CFR § 1.53(b)) 



Atty. Docket No. 
M61-002-04-US 
Atty. Customer No. 
22854 



TO THE ASSISTANT COMMISSIONER FOR PATENTS: 

Transmitted herewith is the patent application of ( ) application identifier or (X) first named inventor, 
Jacobson, entitled NETWORK POLICY AND MA NAGEMENT AND EFFECTIVENESS SYSTEM , for a(n): 

( ) Original Patent Application. 

(X) Continuing Application (prior application not abandoned): 

(X) Continuation ( ) Divisional { ) Continuation^n-part (CIP) 

of prior application No: 09/104.946 Filed nn- June-25. 1998 . 
(X) A statement claiming priority under 35 USC § 120 has been added to the specification. 

Enclosedare: 




0 
0 



() Drawing(s); _ Total Sheets. 



( ) 
( ) 
( ) 
( ) 



Specification; _ Total Pages. 
Oath or Declaration: 
( ) A Newly Executed Combined Declaration and Power of Attorney: 
/v, 1 I Si9n _ ed - < ) Unsigned. ( ) Partially Signed. 

(X) A Copy from a Prior Application for Continuation/Divisional (37 CFR § 1.63(d)). 

(X) Incorporation by Reference. The entire disclosure of the prior application, from which a copy 
of the oath or declaration is supplied, is considered as being part of the disclosure of the 
accompanying application and is hereby incorporated herein by reference. 
( ) Signed Statement Deleting Inventors) Named In the Prior Application. (37 CFR 6 l63fdM2tt 
Power of Attorney. (X) Return Receipt Postcard. 

Associate Power of Attorney. (X) A Check in the amount of $ 385 for the Filing Fee 

Preliminary Amendment. ( ) information Disclosure Statement and Form PT0-1449. 



A Duplicate Copy of this Form for Processing Fee Against Deposit Account 
( ) A Certified Copy of Priority Documents (if foreign priority is claimed). 
{ X ) Applicant claims small entity status. 
( ) Other: ; _ 



FOR 
Total Claims 
independent 
Claims 


NO. FILED 
! 1 
1 


CLAIMS Ai 
NO. EXTRA 
0 
0 


3 FILED 

RATE 
$9.00 
$43.00 


FEE 

$ 0.00 
$ 0.00 


Multiple Dependent Claims (if 

applicable). 

Basic Filing Fee 

Total Filing Fee 


$0.00 

I $385.00 

$ 385.00 



S^S!5-7Tk= FT" t0 ? e P° sit u Account 13-4300 pursuant to 37 CFR § 1.25. At any time during the 

pendency of this application, please charge any fees required or credit any overpayment to this Deposit Account. 

Respectfully. 




f Record, Reg. No. 42,047 

Date: March 31, 2004 

Correspondence Address: 

Moore, Hansen .& Sumner 

2900 Wells Fargo Center 90 South Seventh Street 

Minneapolis, MN 55402 

Phone: 612-332-8200 

Fax: 612-332-1780 



I hereby certify that this is being deposited with the U.S. 
Postal Service "Express Mail Post Office to Addressee" 
service under 37 CFR § 1,10 on the date indicated below 
and is addressed to: . 




Typed Name: Nichole Williams 

Express Mail Label No.: EL495653023US 

Date of Deposit: March 31, 2004 
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M&G 12369. 1 USO I ^ 

MERCHANT. GOULD, SMITH, EDELL, WELTER & SCHMIDT 

United Slates Patent Application 

DECLARATION UNDER 37 C.F.R. § 1.63 

As a below named inventor I hereby declare that: my residence, post office address and. citizenship are as stated below next to my 
name; that 

I verily believe I am the original, first and sole inventor (if only one name is listed below) or a joint inventor (if plural inventors are 
named below) of the subject matter which is claimed and for which a patent is sought on the invention entitled: NETWORK POLICY 
MANAGEMENT AND EFFECTIVENESS SYSTEM 

The specification of which 

a. □ is attached hereto 

b. S is entitled NETWORK POLICY MANAGEMENT AND EFFECTIVENESS SYSTEM, having an<attomey docket number 
12369. IUS01 

c. □ was filed on as application serial no. and was amended on (if applicable) (in the case of a PCT-fUed application) described 
and claimed in international no. filed • and as amended on (if any), which I have reviewed and for which I solicit a United States 
patent. 

I hereby state that ! have reviewed and understand the contents of the above-identiSed specification, including the claims, as amended by 
any amendment referred to above. 

I acknowledge the duty to disclose information which is material to the patentability of this application in accordance with Title 37, Code of 
Federal Regulations, § 1 .56 (attached hereto). 

I hereby claim foreign priority benefits under Title 35, United States Code, § 1 19/365 of any foreign appltcation(s) for patent or inventor's 
certificate listed below and have also identified below any foreign application for patent or inventor's certificate having a filing date before 
that of the application on the basis of which priority is claimed: 

a. S no such applications have been filed. 

b. □ such applications have been filed as follows: 



FOREIGN APPLICATIONS), IF ANY, CLAIMING PRIORITY UNDER 35 USC § U9 



COUNTRY 


APPLICATION NUMBER 


DATE OF FILING 
(day, month, year) 


DATE OF ISSUE j 
(day, month, year) 










ALL FOREIGN APPLICATIONS), IF ANY, FILED BEFORE THE PRIORITY APPLICATIONS) 


COUNTRY 


APPLICATION NUMBER 


DATE OF FILING 
(day, month, year) 


DATE OF ISSUE 

(day, month, year) | 











I hereby claim the benefit under Title 35, United States Code, § 120/365 of any United States and PCT international application(s) listed 
below and, insofar as the subject matter of each of the claims of this application is not disclosed in the prior United States application in the 
manner provided by the first paragraph of Title 35, United States Code, § 1 12, 1 acknowledge the duty to disclose material information as 
defined in Title 37, Code of Federal Regulations, § 1 .56(a) which occurred between the filing date of the prior application and the national 
or PCT international riling date of this application. 



US. APPLICATION NUMBER 


DATE OF FILING (day. monlb. year) 


STATUS (patented, pending, abandoned) ^ 









I hereby claim the benefit under Title 35, United States Code § 1 19(e) of any United States provisional application(s) listed below: 



VS. PROVISIONAL APPLICATION NUMBER 


DATE OF FILING (Day, Month. Year) 




" - 111,1 " 1 w- , "" 3 



! hereby authorize them to act and rely on instructions from and communicate directly with the person/ass ignee/attomey/fimV organization 
who/which first sends/sent this case to them and by whom/which I hereby declare that I have consented after full disclosure to be represented 
unless/until I instruct Merchant, Gould, Smith, Ede 1 1, Welter & Schmidt to the contrary. 

Please direct ail correspondence in this case to Merchant, Gould, Smith, Edel I , Welter & Schmidt at the address indicated below: 

Merchant, Gould. Smith, Edell, 
Welter & Schmidt 
31 00 Norwest Center 
90 South Seventh Street 
Minneapolis, MN 55402-4131 

1 hereby declare that ail statements made herein of my own knowledge are true and that all statements made on information and belief are 
believed to be true; and further that these statements were made with the knowledge that willful false statements and the like so made are 
punishable by fine or imprisonment, or both, under Section 1001 of Title 18 of the United States Code and that such willful feise statements 
may jeopardize the validity of the application or any patent issued thereon. 
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Full Name 
Oflnveotor 


Family Name 
JACOBSON 


First Given Name 
ANDREA 


Second Given Name j 
M. 


0 


Residence 
& Citizenship 


City 

ST. PAUL 


State or Foreign Country 

MINNESOTA 


Country of Citizenship 
USA 


1 


Post OfTict 
Address 


Post Office Address 

250 EAST SIXTH STREET. #610 


City 

ST. PAUL 


State & Zip Code/Country 
MINNESOTA 55IOI/USA 


Signi 


iture of Inventor 2< 








Date: 


t'f&J9f 


2 


Full Name 
Of Inventor 


Family ff£me 


First Given Name 




Second Given Name 


0 


Residence 
& Citizenship 


City 


State or Foreign Country 


Country of Citizenship 


2 


Post Office 
Address 


Post Office Address 


City 


State & Zip Code/Country 


Signature of Inventor 202: 


Date: 


2 


Full Name 
Of Inventor 


Family Name 


First Given Name 


Second Given Name 


0 


Residence 
& Citizenship 


aty 


State or Foreign Country 


Country of Citizenship 


3 


Post Office 
Address 


Post Office Address 


City 


State & Zip Code/Country 


Sign* 


iture of Inventor 203: 




Date: 




2 


Full Name 
Of Inventor 


Family Name 




First Given Name 




Second Given Name | 


0 


Residence 
& Citizenship 


City 


State or Foreign Country 


Country of Citizenship 


4 


Post Office 
Address 


Post Office Address 


City 


Slate & Zip Code/Country 


Signature of Inventor 204: 


Date: 
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Fall Name 
Of Inventor 


, , 

Family Name 




First Civen Name 


Second Given Name 


6 


Residence 
& Citizenship 


City 


State or Foreign Country 


Country of Citizenship 


5 


Post Office 
Address 


Post Office Address 


Qty 


State & Zip Code/Coontry 


Signature of Inventor 205: 


1 



§ 1.56 Duty to disclose information material to patentability. 

(a) A patent by its very nature is affected with a public interest. The public interest is best served, and the most effective patent 
examination occurs when, at the time an application is being examined, the Office is aware of and evaluates the teachings of all information 
material to patentability. Each individual associated with the filing and prosecution of a patent application has a duty of candor and good 
faith in dealing with the Office, which includes a duty to disclose to the Office all information known to to be material to 
patentability as defined in this section. The duty to disclose information exists with respect to each pending claun until the claim is canceled . 
or withdrawn from consideration, or the application becomes abandoned. Information material to the patentability of a claim that is canceled 
or withdrawn from consideration need not be submitted if the information is not material to the patentability of any claim remaining under 
consideration in the application. There is no duty to submit information which is not material to the patentability of any existing claim. The 
duty to disclose all information known to be material to patentability is deemed to be satisfied if all information known to be material to 
patentability of any claim issued in a patent was cited by the Office or submitted to the Office in the manner prescribed by §§ i.97(bM<J) 
and 1.98. However, no patent will be granted on an application in connection with which fraud on me Office was practiced or attempted or 
the duty of disclosure was violated through bad faith or intentional misconduct The Office encourages applicants to carefully examine: 

(1) prior art cited in search reports of a foreign patent office in a counterpart application, and 

(2) the closest information over which individuals associated with the filing or prosecution of a patent application believe any pending 
claim pateritably defines, to make sure mat any material mforraaaon conmmed merem is disclosed to the Office. 

(b) Under this section, information is material to patentability when it is not cumulative to information already of record or being, 
made of record in the application, and 

(1) It establishes, by itself or in combination with other information, a prima facie case of unpatentability of a claim; 

or 

(2) It refutes, or is inconsistent with, a position the applicant takes in: 

(i) Opposing an argument of unpatentability relied on by the Office, or 

(ii) Asserting an argument of patentability. 

A prima facie case of unpatentability is established when the information compels a conclusion that a claim is unpatentable under the 
preponderance of evidence, burden-of-proof standard, giving each term in the claim its broadest reasonable construction consistent with the 
specification, and before any consideration is given to evidence which may be submitted in an attempt to establish a contrary conclusion of 
patentability. 

(c) Individuals associated with the filing or prosecution of a patent application within the meaning of this section are: 

( 1 ) Each inventor named in the application: 

(2) Each attorney or agent who prepares or prosecutes the application; and 

(3) Every other person who is substantively involved in the preparation or prosecution of me application and who is associated wto 
the inventor, with the assignee or with anyone to whom there is an obligation to assign the application. 



(d) Individuals other than the attorney, agent or inventor may comply with this section by disclosing information to the attorney, agent, 
or inventor. 
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IN THE UNITED STATES PATENT AND 
TRADEMARK OFFICE 



Applicant: Jacobson 

Serial No.: Unknown 

.Filed: Herewith 

For: NETWORK POLICY 

MANAGEMENT AND 
EFFECTIVENESS SYSTEM 



Minneapolis, Minnesota 
March 31, 2004 



Atty. Docket No.: M61-002-04-US 



PRELIMINARY AMENDMENT 

Honorable Commissioner for Patents 

P.O. Box 1450 

Alexandria, VA 2231 3-1450 

Dear Sir or Madam: 

Please amend the attached new continuation application as follows: 



CERTIFICATE OF MAILING/TRANSMISSION (37 C.F.R. 1.10) 
Express Mail Ubcl No. EWftflQZWS Dale of Deposit: March 31. 2004 

I hereby certify that this correspondence is, on the date shown above, being deposited with the 
United States Postal Service "Express Mail " Service under 37 CFR 1.10, in an envelope addressed 
to the Commissioner for Patents, P.O. Box 1450, Alexandria, VA 223 1 3- h 

Nichole Williams 

Print Name of Person Mailing Correspondence- [Signature] 




IN THE CLAIMS 

Amendments to the Claims 

1 . (Previously Amended) A method for dynamically assisting a system 
administrator of a computer network in upgrading compliance policy based on behavior of 
system users, the method comprising the steps of: 

storing in a database a plurality of compliance policy opti9ons; 

developing an initial compliance policy option potentially applicable to network 

users; 

automatically evaluating over time the appropriateness of the initial compliance 
1 policy option based on the potentially evolving compliance history of users; 

automatically compiling and providing to the system administrator over time a 
dynamic knowledge base comprising automated network user policy compliance violation 
documentation; 

automatically determining from the knowledge base policy compliance violation 
documentation that the initial compliance policy option is ineffective; 

automatically selecting from the database and recommending to the system 
administrator an alternate compliance policy options; and 

automatically requesting that the system administrator confirm the change to the 
alternate compliance policy option 

whereby compliance policy options are dynamically altered and provided to the 
system administrator in order to eliminate ineffective compliance policy options 

Please cancel Claims 2-12. 

REMARKS 

Claim 1 remains in this application. Claims 2-12 have been cancelled or 
withdrawn. 



2 



Conclusion 



On the basis of the foregoing amendments, remarks, and papers of record, 
Applicant respectfully submits that the remaining claim 1 is in condition for 
.allowance. Applicant respectfully requests a Notice of Allowance. 



Respectfully submitted, 
Andrea-Marie Jacobson 
By her attorneys 

MOORE, HANSEN & SUMNER PLLP 
2900 Wells Fargo Center 
90 South Seventh Street 
Minneapolis, Minnesota 55402 
(612)332-8200 




Allen J. Oh, Registration No. 42 ; 047 
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United States Patent and Trademark Office 



UNITED STATES DEPARTMENT OF COMMERCE 
Vailed States Patrol and Trademark Office 
Addrtu: COMMISSIONER FOR PATENTS 
P.O. Oca I4J0 

AkwxHi, Viitfna 2Z3 1 J- 1 <50 



APPLICATION NO. | FIUNQDATE | FIRST NAMED INVENTOR 



| ATTORNEY DOCKET NO. [ "CONFIRMATION NO. 



10/815,092 



03/31/2004 



Andrea M. Jacobson 



7333 



50717 7590 03/24/2O06 

LEFEVOUR LAW GROUP, LLC 
4365 LAWN AVE 
SUITE 5 

WESTERN SPRINGS, IL 60558 



EXAMINER 



WRIGHT. NORM AN M 



3 



ART UNIT 



PAPER NUMBER 



2134 



DATE MAILED: 03/24/2006 



Please find below and/or attached an Office communication concerning this application or proceeding. 



PTO-90C (Rev. 10/03) 





Application No. 


Applicants) 




Office Action Summary 


10/815,092 


JACOBSON, ANDREA M. 


Examiner 
Norman M. Wright 


Art Unit 
2134 





Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.138(a). In no event, however, may a reply be Umery filed 
after.SK (6) MOWTKS from the mailing of this comrnuiiication. 

- tfHOpenodfor reply fo specified above, the maxinium statutory * 

• Failure to reply within the set Of extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133) 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed may reduce anv 
eaniodpaterttermadiustmont. See 37 CFR 1.704(b). ^ ^ 

Status 

1)13 Responsive to communication® filed on 31 March 2004 . 
2a)D This action is FINAL. 2b)H This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayfe, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) |3 Claim(s) I is/are pending in the application. 
4a) Of the above daim(s) 2^2 is/are vvithdrawn from consideration. 

5) Q Claim(s) , is/are allowed. 

6) S Claim(s) 1 is/are rejected. 
?)□ , Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or ejection requirement . 

Application Papers 

9) D The specification is objected to by the Examiner 

10) D The drawing(s) filed on w is/are: a)Q accepted or b)Q objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). . 
Replacement drawing sheet(s) including the correction is required if the dravwng(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 1 1 9 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. §11 9(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

!.□ Certified copies of the priority documents have been received. 

2. Q Certified copies of the priority documents have been received in Application No. 

3. Q Copies of the certified copies of the priority documents have been received.in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 

* See the attached detailed Office action for a list of the certified copies not received 



Attachments) 

1) Notice of References Cited (PTO-892) 

2) D Notice of Drattsperson's Patent Drawing Review (PTO-948) 

3) □ Information Disclosure Statement^) (PTO-1443 or PTO/S8/D8) 
Paper No(s)/Mai! Date . 




PRIMA^CAMINER 

4) □ Interview Summary (PTO-4 13) 

Paper No(s)/Mafl Date. . 

5) □ Notice of Informal Patent Application (PTO-1 52) 

6) Dother. 



U.S. Patent and Trademark Offce 
PTOUB6{Rev. 7-05) 



Office Action Summary 



Part of Paper NoVMail Date 2006031 6 



Application/Control Number 10/815,092 
Art Unit: 2134 



Page 2 



DETAILED ACTION 
Response to Amendment 

1. The reply filed on 3/31/2004, as a preliminary amendment, canceling claims 2-12 
is acknowledged. The sole outstanding claim is now claim 1 . 

Double Patenting 

2. A rejection based on double patenting of the "same invention" type finds its 
support in the language of 35 U.S. C. 101 which states that 'N/vhoever invents or 
discovers any new and useful process ... may obtain a patent therefor ..." (Emphasis 
added). Thus, the term "same invention," in this context, means an invention drawn to 
identical subject matter. See Miller v.. Eagle Mfg. Co., 151 U S 186 (1894)- In re 
Ockert, 245 F.2d 467, 114 USPQ 330 (CCPA 1957); and In re i/oge/, 422 F 2d 438 164 
USPQ 619 (CCPA 1970). 

A statutory type (35 U.S.C 101) double patenting rejection can be overcome by 
canceling or amending the conflicting claims so they are no longer coextensive in 
scope. The filing of a terminal disclaimer cannot overcome a double patentinq rejection 
based upon 35 U.S.C. 101. 

3. Claiml is rejected under 35 U.S.C; 101 as claiming the same invention.as that of 
claim 1 of prior U.S. Patent No. 6,735701. This is a double patenting rejection. 

As to claim 1, it is appears to claim identical subject matter with the same scope. 
Accordingly, it is rejected as a statutory double patenting rejection. 

Conclusion 

4. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

Any inquiry concerning this communication or earlier communications from.the 
examiner should be directed to Norman M. Wright whose telephone number is (571 ) 
272-3844. The examiner can normally be reached on weekdays, from 8AM to 4 PM. 



Application/Control Number 10/815,092 Page 3 

Art Unit: 2134 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Jacques Louis-Jacques can be reached. on (571 )272-6962: The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-6300. 

i 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-<lirect uspto.gov. Should 
you have questions on access to the Private PAIR system,' contact the Electronic 
Business Center (EBC) at 866-217-91 97 (toll-free)., 

Primary^jaminer 
Art Unit 2134 
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| United States Patent and 



Trademark Office 
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Bib Data Shoot 



UNITED 3TATEO OETAimncmr OF COMMERCE 
United Statu Patent and Trademark Offioa 

r COMMISSIONER POX PATENTS 

Ro.aai«» 



CONFIRMATION NO. 7333 



SERIAL NUMBER 
10/815,092 



FILING DATE 
03/31/2004 

RULE 



CLASS 
726 



GROUP ART UNIT 
2134 



ATTORNEY 
DOCKET NO. 



APPLICANTS 

Andrea M. Jacobson, St. Paul, M?^ 
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erMMM^«vat*tiaKJMj toaia aWvw^bkMMt^Mi^orty htm. TMMH»M?wxt m*m*j 

n of *• aorrwAM product «• o» 

rmJ Mxrt. Mi uMMto ft* SOFTWARE 



■ fa ft* SOFTWARE 
mm ft* ft* SOFTWARE 



ft. software product 

BtoMj*/H«M* Urn T« «r/ *MJ Mm <r Mtel t Mf? cm m»m> m9*m>p*1 
»M PUTER to Oow m mm dMMb v» ft* SOFTWARE PRODUCT ow KM 
EOOUCT to yow mm CT«yg*o cw 1*. tatoowJ —trot. Honv«;]PMnutwqutoJi 
WOUCT fa MMfft m mmm ft* SOFTWARE PRODUCT ■ mm « to wm**»*1 

tDPUCTftyMbMM<fjiiMM^tjMM<MMM, 

PC MMfcrtmr My mm im»J to tro»id* pmwm* mmm mf VmJ Oft m i mm mmj mmm mmm 
or ft* COMPUTER. 

OEM BmI-m Oaky. lfPCMMa&cMwMiMltocto^>to^MO09yafUi*»QFrVAJU PROOUCT WM ft. COMPUTER, fao 
mt twftj Vrttoi WatofMt fa*** t? u2<y. (TkvteM wi* ft* SOFTWARE PRODUCT, to nbiafb I»*-m copyaf 0» 
DFTWaRE PRODUCT. Ym IM> mm ft* m4.'m«m/ mm> f* wt^tpM^M** Afl*ft»»to^tM*-Mt^i 
rife* Wfl! M MJMKMWJ dM*M4 

. description or othir rights and um ftatiohs. 

LqmMmm m ****** bjM» pMMMjhiMi mJ Pi— 
iOFTWARE PRODUCT, Msnt Mi flaty *> ft* fc* tc*»Rj h apa 



r afft>COUPVm, 



TM SOFTWARE PRODUCT fcti M^MlM^p»MMt ? MM»|MMlpfttoftMMlMMMMMW7M» 

Stexb COMPUTED Tm SOFTWARE PRODUCT • mmm! «ndi ■.COMPUTER « ■ «mj» M«fnMdf«utoU. "Im 8OPTWAM 
ROOUCT amrmj, m mm »m ft- COMPUTES. 
Emm. Y01 nty mi rat or 1mm th* SOFTWARE PRODUCT. 

anftM*Tm<ir. Ym mqt otcmmmIV toM*M tHrfManiM* mmt IkbEUWkMjf • Mrt *f» «d* « t 
i^ywMa»*<vw.yes|Mmillifto BOPTWARE PKOOUCT (tosMtoftUeaMju 
< r?y ^fT^ *i« IULA * «p^*«i4^ t^. C*jti&»»^») oi Atai-rtx^X A>'D Iotm of *u tUU*.. tfft* 

OfTWARS PRODUCT i* m MM)d*.My mm mm mJm* til sjrtu* Mr**Mi</tM fiOPTWARX PROOUCT. 
TMAMCka. WiftMl yfjMjt^toMy mW rijhfc, VirtMl lftotoMM My toMMM fth Mi jfy—fcl to<MMV»Mft»to— m4 
wUnivfto EULA ta m f »Mt. y«u dmI »m/ «R Mfto> of ft* BOFTWARC PROOUCT Md *1 •< to mommM vtoto 
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Licensing Agreement 
for 

Virtual Policy Builder 


\ 






J UKJRAPE3 tf M aOTTWAlg FRPOUCT fa *» tM -c<Mp»«h*l,wtM»t 1*^ ViflBd W«Rp« i « «MM 
«yp!ki. y» — y t » tamtm d» aorrWARI PtOPUCT ariy fci M»bfl» wtti* q«j»Ml pjmm; m+~ ym dMwy M 

yn&Mttmir******** EUU- tf*.*orTWAtt HtoOUCT ■ ««9fn*rf»«Mc»MrftpKtap<rfM)Mf» 
hmmemj wtt* jai tnmd ■ ■ *ffe pmfca* dw aoFTW AU fROOUCT My t» wd nt tomMN*M*«MlortBlM4i 
prodM n dPi—l My rtUwp^ij In t ihnw wm*M. 

lOCtf OOrVtKlKr. Ail ac*>ri*ki h^biM SOm/AU P KJCUrT <Vfcrf»4 b»l to ■*} o^o*, 
•m SOFTWARE ftODUCT. 

9. DUAL- MEDIA tJOTTVARB. Tm Mjr tM**« Im SOFTWARE fHOOUCT bmimcw m*mm. Inwiim of to tn» « 
rftw pbM VMM CM prwrMd IM) arte SOFTWARE MtODUCT 

& CBU FRODUCT SUFFORT* FtMM mJ K* m EQFTWARE P1DOOCT ■ MOT pnfUbd 1* YfcMJ Wufc*M CUpwMw 
»b»MlM> Pgr M* M» wjrfc fC HMtMft My** MJMJ M»**ri b M *MMMttfti 

7. OS 14 UR. OOVEEXUEXT SJE5TUCTTO EIGHTS. Tt» lOTTVAII MlOOUCT id Aim— BMW prorifcd vM 
RERTRRTTEPRMKni. U»Hfa^«to«bmHi.G.i«» l lki^br«(ri^itMfattk l it|iiiji ) > 
(eXIX«) «f *i K«m hTmmI Dm Ml Cmmm Mmm MMl tf OPAM 2SUE7-TO«M«»^vjMMa|«IGD*tM 








1 


C«p*«M/2>0 EM M IBM. "M» 4I«SC M, MV U 101. 

FW TH8 LIMITED WARRAMTIEE AMD SFEQAL FROVOWMS FERTADOKO TO YOUR PARTICULAR JURBDKTiOM. 
FULARS REFER TO YTXJJL WAKXAHTV DOOKXfT INCLUDED WITH THO PACKAGE OR F10VIDEO WITH THE 

aarw are ttooocr feinted uatuuau. 

FVmc trvicate jwAcctpunc* tf fotofhwMc BoaisfcqgRpcaMcrt ly dkhtpf to ftp 
accept icon tfjouMMjpw wUh totem* of in ■fjecmti* click k»n. 


1 


(AecepT) (D«^) 


(<)(>)( MAIN MENU ")( EXIT ) 
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Privacy Statement 
for 

Virtual Policy Builder 


— 






Virtual AAfcrkSpaca haa craatad thta privacy ataiar nant in ord»f to darncratrata our ftrm oommttrrwol 
to prVacy. The fctortng dtodoaaa our rttawwBon gafrartnq and dbaerntratta- i praodott fair thto 
«ta; Urt^ Pdicy BUkfe. 

your IP addreas is uead to help Wtr^ you and y<^ atappirTQ <*rt. 

Our rfV» ragtatra&on farm raqAwunn to pjva u» contact Wbmwtbn (Ik* thM amaB aridreee) 
anrfdafnggafiteina^ 

WormaOon It uead to contact thi ylaftor whan nmnry. Uaan may opt-out of raeaMng Mum 
mating*; see 8ie cMata/daecttvati taction tafcw . DarnografiSQ and profit* data la alio ootactad at 
our afta. \N* um tHe data lo taior tha vWtor*t ixpenance at our tie, showing them contort that we 
ttanfc twy f raj A be Wsi eetsd In. and <saulay b iu tha content accoidtop to thair pnHSi wxee.lnanctil 
tntormatton (Set their account or credR card ra*nbere)&). FIrauicW trftxroettonthet it cciectetf it 
uaad to bit the uaar tor products and lite 

Our aia pnnidaa umts t?» opputirtty to apc-ocl of racaMng oonvnurasattona fHdti ut at tha point 
where we racjutat Wonnation about tha vWtor. 

DataiaflO«act*vata 

Thiaata oVaa uears tha fefawtopoptiona tar rarnovlnqthrir traofirntkm from our database to not 
recerve Mure ccrrfnuricattons Of to no tortper raceM our ttnrice. 
You can aand erne! to defeteQ vfctuwwortcapeca .com 

t^jiangwwaoony 

The* aita gte/ee uaara th» tottowirtQ options tor changing and modtfytrg (ntormebon prevtouefy 
provldad &neliopdateQ vttutrwericapecexjorn 




i 
I 
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Privacy Statement 
for 

Virtual Policy Builder 




Contacting ttia Waft? Site 

If you have any question* about this privacy statement, the practices of this site, or 
your dealnps vnfth thk Web lite, you can contact 

Virtual Workspace 
250 East 6th Street 
Strife 610 

St Paul, MN 55101 
aj@vi1tjalwodc5pace.com 


p)(T) ( MAIN MENU EXIT ) 
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Choosing a Screen 










1 


i: i 

I 

1 




Choose a screen name and identity for the training 
session by clicking on the screen name listed below 

Screen Names: 
Sasha: the warrior princess 
Alvin: the truck driver 
Josh: the surfer dude 
William: the investment banker 
Miice. ine uomesuc engineer 






(<)(>)( MAIN MENU )(™0 
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Choosing a Screen 
Identity 




— 






\ 






Your training session number is: 

the session number is used to track and reference the 

training session in the policy effectiveness module. 




1 
1 
1 




Click on the training icon to enter the virtual training 
room. 

CTraining^ 








G) (?) ( tUiH MENU } C EXIT ) 
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Meet the 
Facilitator 








Click on the picture to 
meet and interact with 
the facilitator and the 
other participants for this 
training session. 

ed Real Audio to listen to 
>r introduce the participants 
ling rules. 


(7) (T) (" MAIN MENU ) ( EXIT ^ 



This PDF of U.S. Utility Patent 6735701 provided by Patent Fetcher ,M , a product of Stroke of Color. Inc. - Page 21 of 65 



U.S. Patent May 11,2004 Shea 20 of 51 US 6,735,701 Bl 



Figure 18 



Policy Suggestion 



Desktop Piracy 

SttggCf ted Policy : To comply with law* governing software pcutoctiuri frcni piracy 
employees must not* 

•Make copies of any software unless explicitly authorized. 

♦Exchange, trade or transfer copies of any software to others in 

cyberspace. 

•Download copies of software uiai iwiiTa^ 

•Purchase any software fitmthe Internet ^ 
If you encounter pirated software or suspect software may have been pirated, notify the 
system aanunistrator unmediatery and diiuncc yourself from the real or suspected illegal 
activity. 

Pn;masc: Expect different people to have different standards. They are not better, not 
worse - simply different 

Principle : The principle of present choices states that current decisions tend to limit 
ftiturc action. Thii means that most important decisions affect two timeframes. The short* 
term result may be a benefit but the long- term result can be either a benefit or, as often 



Do you agree or disagree with the suggested policy? 



What changes would you make to the suggested policy? 



][ 



Paute 



Exit 



Menu 



Stats 



1 
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Policy Training 


- j 






questions 


<^Pm^^^> m group r>0Ncy discussions 




1 


<^ausj) the program to: 

| Review poscy recommendation* and statistics tx>m prevtous sessions 

j§ Ra<»jMt ftdcftional Information on o took of subject presented during the 
previous session 

§ Technical product support 




(F) (F)C MAIN MENU 3 C exit 
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If 




Virtual Training 
Room 








ill 

1 
1 
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Policy Feedback 

Alvin: No changes 
Josh: No changes 

William: > 1 hate getting an approval to download 
software. 1 want that section changed. 

Facilitator: >Does the group think about downloading 
software and approvals? 

Josh: > Have to company make a list of approved 
software to download... Would that help you 
Will? Or do you want the option to download 
anything? 

William: > 1 could live with a list, as long as 1 can email 
the someone to approve of the software 1 
want to have downloaded. 






Q 0 C ma,n menu 3 C E>aT } 
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Writing the Policy 




■ 

Suggested Policy: To comply with laws governing software protection from 
piracy employees must not; 

•Make copies of any software unless explicitly authorized. 

•Exchange, trade ox transfer copies of any software to others in 

cyberspace. 

•Download copies of software that normally would have to be 
purchased. 

•Purchase any software from the Internet without prior approval 
If you encounter pirated sofrware or suspect software may have been pirated, 
notify the system adrainistrator immediately and distance yourself from the 
real or suspected illegal activity . 

Facilitator If I am correct, you want this section added to the policy? 
A dd»> A ll software downloads con he approved by the system 

administrator, lite user needs to email the system 
administrator to gel approval for downloading the software. 


G) (?) ( ma,n menu } C exit } 
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Figure 22 
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Vote on a Policy 
Recommendation 






{' 

v. 

i 

•i 




To comply with laws governing software protection from piracy employees 
m ust not: 

•Make copies of any software unless explicitly authorized. 
•Exchange, trade or transfer copies of any software to others in 
cyberspace. 

•Download copies of software that normally would have to be 
purchased. 

•All software downloads can be approved by the system 
administrator. All network user needs to email the System 
administrator to get approval before downloading the software . 
•Purchase any software from the Internet without prior approval 
If you encounter pirated software or suspect software may have been pirated, 
notify the system admmistrator immediately and distance yourself from the 
real or suspected illegal activity. 

Do you agree or disagree with the policy? 


1 
1 
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Figure 23 
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Policy Consensus 












\ 




1 
1 
1 






To comply with laws governing software protection from piracy employees 
must not: 

•Make copies of any software unless explicitly authorized. 
•Exchange, trade or transfer copies of any software to others in 
cyberspace. 

•Download copies of software mat normally would have to be 
purchased. 

•All software downloads can be approved by the system 
administrator. All network user needs to email the system 
administrator to get approval before downloading the software. 
•Purchase any software from the Internet without prior approval 
If you encounter pirated software or suspect software may have been p irated, 

iHjuiy uiv ayaicm aunuoisuouji uiuucaiaieiy aou pmaocc yourseii nym me 
real or suspected illegal activity. 










(*)(*)( MAIN MENU EXIT ) 
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Policy Training 

Main Menu 


H 




1 1 Start Policy Exam 






1 1 Review Policy Training Materials 






1 1 End Session 


i 
i 
i 




□ 






C ma,nmenu }C EXIT } 
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jroiicy l raining ±sxam 


1 














\ 








What is spam? 








M A slang term for an electronic contract 










H A luncheon meat 










It A slang term for junk e-mail 










§ A term used for downloading files from the web 
















(<)(>) C MAIN MENU EXIT } 
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Training Feedback Form 














i 








Was the subject pertinent to your needs and interests? 
No To some extent 
Very Much So 








Excellent Satisfactory Dissarisracory 
Adequacy of Course Content 
Length of Course 
Adequacy of Course Materials 
Adequacy of Learning Experience 
Adequacy of Facilities 








If any factor is rated "urisatisractory " please provide explanation: 






What was of least value to you bi this seminar? 






What was of most value to you in this seminar? 






How will you apply this learning back on the job? 


1 

1 




Would you recommend this course for other individuals/teams? 
Yes No 






(*) (>)( MAIN MENU EXIT } 
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Acceptable Use 
Agreement 




This agreement is between the employee and the user Indicated below. 




The user apjees to the following: 

1. AJ information stored on the company lystem is for educational, 
Instructional or administrative purposes . AB date stored on the company 
computer wil be suitable for afl audiences end shal not violate personnel 
privacy. 

2. Use of the computer system for commercial purposes is prohibited. 

3. User accounts which are Issued for the purpose of making the organizational 
(county, program, etc.) Web site w« have a designated primary user who b 
responsible for controSng access to the account The primary user w3 not 
snare nis/ner logm id ana password wwn anyone outside me organization n una, 
and wil change the password regularly. 

4. The company servers) system is an electronic community. Users are 
community members and as such must be considerate of other users. Thus, 
users wil attend to their own files and directories and leave others alone. Users 
shal Inform the system administrator, or the Manager if a problem arises with 
your account or the servers). 

5. Users wfB be good stewards of the electronic environment and wil not 
waste space, computing power or other user's time. 

6. Because this is an educational community, there are many chldren who 
have access to materials on the system. Users have a responsibttty to ensure a 
nurturing environment for our chldren: Consequently, users wil neither store 
not transmit obscene, abusive or otherwise objectionable material on the 
system. Such actions wil result in prompt termination of system privileges. 

7. The company reserves the right to review any material stored on the 
system and wil remove any material which It befieves violates and element of 
this agreement. 




1 
1 
1 
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Acceptable Use 


-> 


CONTINUE 

6. The company operates a reliable and effecfive ooirfHiting environment and 
network, however the company does not warrant that the system wil meet any 
specific user requirement or that the system wil be error free or uninterrupted. 
The company shall not be liable lor any direct or fndrect, Incidental or 
consequential damages sustained or Incurred on connection wrth the use or 
inability to use the company system. 

User Signature 


Date: 
Manager 


Internet e-maS address: 

a 


Click Icons to accept or decfne the terms of the Acceptable Use Policy. 


1 




(F) G) C MA,N MENU ) C EXIT 3 
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> 


Thank your for participating in the 
policy training program. 






G) G) C ma,n menu ) C exit ) 
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Policy 

Complianc 

Reporting 


X 

i 
» 

e and 
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1 N 




1 0 
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User Profile 








Name: 

Employee Number 
Email Address: 
Surface Mai Address: 

Employment status (I.e. temp, contract, virtual): 

Organizational/reporting chart: 

TWe: 

Department/Unit Title: 
Branch/DMston: 
MaB Address: 






1 
1 
1 




USER PROFILE REPORTS 

User's Emptoyment cements and other contracts: 

Poicy Training and Exam status: 

Policy Compliance History 

Network AdMty Htetory 

Special Network Access or Mvllege* 

Email storage allocation 

Document access level 

User Access to tndudstg failed login attempts 

AJi attempts to launch privfleged applications 

Any changes to system configuration parameters 

Software downloads from the Internet 

Software usage 

Hardware usage 

Software present on a user's workstation 
User's system access and security status 
Identify need for upgrades 
Identify need for training 






(^(^ (main menu} exit ^ 
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V 



Software Compliance 



REPORTS 

User tcditg incfcidsio failed lopjn attempt* 
Afi attempta to launch privioaed applications 
Any change* to system configuration parameter* 
Software download* torn the Internet 
Software usage 
Hardware usage 
locattofi of software 
Location of Software Socnse agreements 
Type of software agreements 

Coordination of software Hcamc agreement* with software utilization 

Provide statistical and graphical Justificatton for software purchases, upgrade* and 

matntenarice experae ; 

Software instalatlons 

Software compiance 

Appxoprtatanats. Inapproprtsteness and excessive use of software, hardware 



resource* 

Number of people warfog io7 



the enfofpffre. 



Access time 
Value of software being used at anyfimc 
Identify need for upgrade* 
Identify need for training 
Projections for hardware, software 



) appicationf*) 



and Icensinq (^ts/usape throughout the 



enterprise 
Prectd hardware o^mand 
Re-route software and hardware as ktolcated 
PersonaPy instalied orperrritted software Installation 



Utilization of system resources 
Identify potential poicy biMnoements 
Identify system trends per department use 
Allocation of related costs related to department 




MAIN MENU 



EXIT 
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Audit 


- 












\ 










To: Po!Adm@Virtvom 
From: 5ys@virtcom 
RE: Audrt Reminder 
Branch Location: Minneapolis 
Time: 11:20 a.m. 
Data: May 20,1998 
CC: PoOcyeffeclSvirlcom 

PoiAdm@virtcom 
Un@tfrt.com 




















1 






Audit Results 

Violations: 
Discrepancies :c 

Click on the report icon to complete policy violation report d 

(Report) 








1 
1 




















(>) (<) (main menu^(^en^(^rinT) Q exit ^ 
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Network Policy Compliance Notice 








Reference Number. 985h34 

Posted-Date: Mem, 20 May 1998 16:17:36 -0500 {CUT) 
To: Jane Doe@virtcom 
From: PoiicyAdm ©virtcom 
Subject Violation Notice 




Network Non-Compliance Notice 

Name: 

Email Address: 
Trfle: . 

Department/Unit Title: 
Branch/Division: 
Mail Address: 
Violation: 

Violation History: (hyperlink 




i 
i 






<T) (<) (main menu)<^encP) (^print^) ( exit ^ 



'J 
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Network Compliance 
Action Notice 




The policy advisor has taken the potential violation into advisement and 
has determined the following procedures: 

This Is a Level 2 violation 

Follow the prompts to complete the violation reporting process for this 
level 2 violation. 

Click to begin the violation reporting process. 


(>) (^(mainmenu}(^ exit ^ 
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Figure 38 







Policy Compliance Report Form 




Violator's Name: 






Email address: 






Tiw: 


Department 


Mail Station 




Violation; § Minor Violation g Major Violation 
Type of Violation: (choose from drop down box ) 




Branch Location: 
Date of Occurrence: 

Date of mpnrt 

Official reporting the incident 

Poilcy Administrator 
Additional details: 


Ok | Reset 1 I Cancel 1 




(>) (^(main menu^ EXIT ^ 
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Figure 39 







Network Compliance 
Action Notice 


{ 

1 
1 
1 




The policy advisor has taken the potential violation into advisement and 
has determined the following procedures: 

This Is a Level 2 violation 

Follow the prompts to complete the violation reporting process for this 
level 2 violation. 

Click (start) to begin the violation reporting process. 


(>) (^(mainmenu)(^^ exit J 
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Figure 40 




Policy Knowledge Query 



Name; 



Violation: f Minor Violation g Major Violation 
Type of Violation: (choose from drop down box ) 



Branch Location; 

Date; 

Policy Administrator, 

Additional details: 



Search 1 1 Reset I 1 Cancel I 



(T^USER HELP ^) Click icon for more Information on how to 
— — respond to a violation report. 



(<)(>) EXIT ^ 
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Policy Compliance Report Form 




Violators Name: 


Email address: 


1 

1 
1 




Title: 


Department 


Mail Qtofinn 

mail oiauon 


viuiauuii. n Minor vic-iaoon Major Violation 

Type of Violation: (choose from drop down box ) 




Branch Location: 
Date of Occurrence: 

Dfttarif rapnrt 

Official reporting the incident 

Policy Administrator 
Additional details: 


1 Ok 1 | Reset 1 j Cancel 1 


(>) (<) ( MA1N MENL^(^END^(^RIN^ Q EXIT ^ 
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Figure 42 







Policy Violation Code and Report 


1 
1 

1 




the claim you submitted has been assignec985h34 as Its reference 
code. 

Enctypfed email and surfece mail copies of the policy vklation daim 
report has been sent to: 

• Jane Doe 

• John Smith in Human Resources 

• System Policy Administrator 

• Virtual Workspace, LLC - a third party policy organization 


(>) (<) (MAIN MENl^(^EN^(^RINT^ £ EXIT J 
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1 


i 


System Violation Notice 

Email and Snail Maill Notice 




i- 




V 






Name: JaneDoe 

User Profile: (Retfew Profile tom<frop down menu) 

Violation Type: SBofflnl S? 8 * 1 * 1 c6nfd «^ *» 

Violation level: Level 2 

Branch Location: Minneapolis 

™*»: 11:20 am 

May 20, 1998 

CC: JsfnithgVirtcom 

PolAdm@V1rt.c6m 
Polfcy@virtualwofk3pace.com 

File Attachments: Scheduling and violation report 










The system (ndcatet you have violated a virtual policy. Attached la a poficy 
vbtaUon daim report for your review. 

We w« need your esaktanee to Investigate the dafm to determine if it is indeed 
accurate and If It warrants tather dtecutaicn. Please foil w the procedures 
below: 

• Review the attached poOcy violation claim report 

• RovlewywU*^ 

■ Indcaleanydsaepanc^fr 

• Indent© your aveilablfty for an Irvparson «dbw up meetbig 
For ftither htormation die* the user Icon (User) 

All report end irrigation Information b automatically recorded In the system. 
Thank you for your cooperation. 






- 




>) (^(majnmenui)^ EXIT 


N 
J 
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Subsequent Action Report 


r 






Name: Jane Doe 

Violation level: Level 2 

Branch Location: Minneapolis 

Time: 11:20 am 

Date: May 20, 1998 

PC: JsmHh@Vlrtcom 

PotAdm@vTrt.com 
Policy ®virtualworicspace.corn 

File Attachments: Subsequent Action Report 




Following the violation meeting Human Resources and the user are 
required to file a subsequent meeting report to verify their attendance 
at the meeting. 

The report can be accessed by dick the report Icon (^epo^ 

If you have any additional questions or concerns, you may contact the 
Policy Administrator via email: PolAdm®Artcom or by calling 555- 
1212. 

If you do not agree with the outcome of the meeting, you may file for 
an appeal. To begin the appeal process, dick on the appeal icon 








(P*) (^) MENU^^^END^^PRINT^ ^ EXIT ^ 
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Figure 45 



The Appeal Process 




The Appeal Process grants the user due process, including me 
opportunity to respond to an alleged violation in writing. The user is 
given the option to choose an appeal facilitator from the organization. 

The chosen facilitator is emailed and granted security and read-only 
access to a user's file. The facilitator is automatically copied on ail 
appeal process communications. The system records the all 
communications and written activity. 

Internal officers are automatically prompted and sent a notice to 
schedule the appeal meeting with the new facilitator. The process is 
reported, stored, and tracked in the policy effectiveness module 

The appeal report is automatically sent to: 

• Policy Effectiveness 

• The policy officer and the user via email 

• The policy officer and the user via snail mail 

The user is automatically sent information to inform him of his rights. 
To access further Information, click on the appeal icorr^" ^ 



(>) (<) (main menu^(^sen^(^p^ 



This PDF of U.S. Utility Patent 6735701 provided by Patent Fetcher a product of Stroke of Color, inc. - Page 49 ot 65 



U.S. Patent May 11, 2004 Sheet 48 of 51 



US 6,735,701 Bl 



Figure 46 



t 




Policy Effectiveness Reports 

Compliance Reports 


H 








Enter access code: 

1 1 






Enter hardware token: 


i 
i 




l l 

Choose reports) to review: 

User/User profiles 

Network nodes 

Department 

Division 

Branch 

Application 

Time duration 

Timeframe based on: 

Historical and statistical reports 

Current 

Year-to-date 

Custom time frames 

Other 


Q (^(;mw exit ^ 
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Figure 47 









Policy Effectiveness Reports 




\ 




Enterprise-Wide Reports 


/ 


— 












\ 


1 




Enter access code: 








Enter hardware token: 








Choose report(a) to review: 








Policy compliance reports 
Risk assessment 

Strengths and weaknesses in policy compliance 

and non-compliance 

Email compliance reports 

Software compliance reporting 

Patterns, statistics and assessment of policy violations 

and non-compliance 
System backup reports 
Document tracking reports 
Audit and reconciliation reports 








(>) (^(mainmenu^ EXIT ^ 
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Figure 48 



Policy Effectiveness Action 



Name: 

Violation level: 
Branch Location: 
Time: 



ee: 

File Attachments: 



SystemA<to^^com 

Level 2 
Minneapolis 
1150 a.m. 
May 20, 1998 
Networ1c@Virt.com 
Pollcy^ftualwbrkspace.com 
f^lk^ Effectiveness Action Report 



Policy Effectiveness has implemented a policy change for peisooal email 
usage. 

Thcnew jwlicy settheda^ ^ 
previous 30 message link Hie personal email policy can be accessed at 
ht^VAvww.pdicy^rsonaJetnail.com 
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Policy Resources 


1 




[ \ Policy Reference Library 

1 1 Legal Research 

L J The Virtual Policy Manual 

1 | Policy Basics 

[ | Software Resources 

including 

software listings and 
1 j updates 

j — ~| Software Registration 

Tech and User Support 


(>) Q (MAIN MENU^^END^^RINIV) ( EXIT ^ 
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NETWORK POLICY. MANAGEMENT AND SUMMARY OF THE INVENTION 
EEFEC1TVENESS SYSTEM 

Jo overcome the limitations in ihe prior art described 
above, and to overcome other limitations thai will become 

BACKGROUND $ apparent upon reading and understanding the present 

I Field of the Invention specification, the present invention discloses a method and 

mis invention relates in generaJ to networked computing ^ff r ™ intainin & Pf c Y compliance on a computer 

systems, and more particularly, to a system for maintaining Asy f em " J^°*an* with the principles of the 

network security policy compliance. n P crforra * * e ^P 5 of electronically monitoring 

o - i ♦ j a in nclw °rk user compliance with a network security policy 

2^Dcscnplion of Related Art sk>red in a data5asCf eIe ctr6nically evaluating network sccu- 

rhe Internet and computer ^networks allow organizations rfty policy compliance based on network user compliance, 

to store applications and mformation on central servers. and electronically undertaking a network policy compliance 

waiting^ be called up and manipulated from any location. action in response to network .security policy compliance: 

Networks allow people greater access to files and other The network policy compliance actions may include elec- 

confidential information. Global networks, including the ' ironically implementing a different network security policy 

Internet, and remote access increase the vulnerability of selected from network security policies stored in the 

corporate data, increase the risk of information leaks, unau- database, generating policy effectiveness reports, and pro- 

thonzed document access and disclosure of confidential viding a retraining module to network users, 

inlormation, fraud, and privacy. y* . e . , r , 

n . , , 20 °ne preferred embodiment of the present invention 

bmptoyecs are the grealesl threat to an otgamzalion's includes notifying a network user ana a policy administrator, 

tnformauon security. Employees w„h access to ^formation providing a draining module to the network user, and 

resourossmcludrngemad, the Internet, and on-hne networks rcstricling mc nctwork user>s network acCess ^ in 

stgmficantly mcreasc the. security nsks. response, to monitoring network user compliance. 

ouS^o^^ZSe^ o7i™^ ,P0SCS ' trC * , H g 2S ,1,Csb and various other advantages and features of nov- 

n„~~r.u* ; . \ r c .ti • . embodiment are pointed out with par lculantv in the claims 

One of the greatest sources ofinformation leaks lsemp oyce . uh - >h ^^jL u aMtn _i • u r y , 

t .« n t« m ™:i u/*tk«i • ~ • • . « \ J which are annexed hereto and which form a part hereof, 

sent email. With electronic communication and networks; an u™,,,.™., -ix, « u « a r <• u ■ • 

-*i-^.™:« . . i - u . j , However, tor a better understanding of he invention, its 

electronic paper trail is harder to determine, since no record ; ri ' a .u u- . « . j . . " 

of who accessed, altered, tampered with, reviewed, or cop- * ?S m !j he objects obta.ned by ,« use reference 

ied a file can make il very difficult to determine a ddcu- ^ould be made to the drawings wh.ch form a further pan 

menfs authenticity, ind provi<le an audil and paper trail. In ^ ** ° ^ ^companym^descnptive matter, m which 

addition, there is no auuLa.ed system to cen^raHy a tec" tl "h T"^ VHP** " T*' 

analyze, measure, index, organJ, track, determine aumo- „ j^ ,CC0 «* n « Wtth **«"«» of ,he 
rized and unauthorized rile access and disclosure, link bard 

copy information with electronic files including email, and BRIEF DESCRI PIION OF THE DRAWINGS 
report on how information flows in and out of an organiza- 
tion. Referring now to the drawings in which like reference 

Setting proper use and security policies are a method to- 40 ""^bers represent corresponding parts throughout: 

create order and set standards for network use. Policies are. PIG'. I is a block diagram illustrating a policy elfeclive- 

ineifective unless users understand and comply with the ness system according to an embodiment of this invention; 

policies. Unfortunately; most organizations do not have FIGv 2 is a block diagram illustrating the steps performed 

tangible proof when, and if, a network-based policy viola- by the policy training module according to an embodiment 

tion has occurred until long after the damage has been done. 45 of this invention; 

Due to the technical nature of network policy violations, * riGS . 3A _ 3C arc b . 0 ck diagrams further illustrating the 

policy enforcement officers may not have adequate ster« performed by a policy training module according to an 

knowledge skill and evidence to properly execute a policy embodiment of this invention; 

.violation claim. Cases of selective policy enforcement can r .~ , . t ^. .„ - . 

occur if policy violations are not consistently reported, filed, 50 n l j° r ? g ™ 7 / Uuslralin S. * tcpS 

investigated, and resolved. performed by a policy training module in administering a 

Employees often view e-mail as equivalent to a private l ™ imn *> exara ; 

conversation. IIjLs view often does not reflect the official r hlCj ' ?'* a bIock dia 5 ram furthcr illustrating lhe : operation 

position of the organization. These communications reflect °l a P" 1 ! 4 * elTective ness system according to an embodiment 

preliminary thoughts or ideas that have not been reviewed 55 * invention; 

by the organization and typically only reflect the persohal ^ is a block diagram illustrating the steps performed 

opinion of the parties involved. Yet, since employees of the *?y. a policy compliance and reporting module according to 

organization create these communications; courts and regu- an cmh ^dirricm of this invention; 

lalory agencies have concluded that employee communica- 1*IC»- 7 is a bk>ck diagram further illustrating the steps 

tions can relied the organization's view. There is a further 50 performed by a policy compliance and reporting module 

need for network communications software programs that according to an embodiment of this invention; 

offers robust policy compliance assistance, policy effective- FIG. .8 is a block diagram illustrating the appeal process 

ness monitoring and reporting. performed by a policy compliance and reporting module 

There is a need for an automated system to assist policy according to an embodiment of this invention; 

enforcement officers with proper policy enforcement 65 FIG. 9 is a block diagram further illustrating a policy 

procedure, and methods to measure policy effectiveness, effectiveness system according to an embodiment of this 

appropriateness, user system activity and compliance. invention; 
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J-Sl^L" 8 ° "^nr display illustrating the FIG. 34 is an exemplary screen display UlustraUne Soft- 

J£jL fa ; a ^m P ]ary,sci»en display illustrating .he FIG. 35 is an exemplary screen display illustratiim ihe 

FK5 12 k m ^mnhrv cw « i 'ii • HG; 36 - an c *emplary screen display ill ustrating Net- 
ment according to an embodiment of the invention; . ' 

pragL i^n+immvmm*&**# 10 co^ia^Sr^- d ' sp,ay i '! us,ra,ing a 

RIG. 15 is an exemplary screen display il lust ratine the J? Q ' 38 r * e ^ h?y strcen i«W»«tag.». 

screen idenSty^ccording tcf alSS according,* an embodi- 

the invention; iy c mveRtl( >o* 

FIG, 16 is an exemplary screen display illustrating assign- f * * f xempiary screen display imistrating a 

ing the ,ser a session number according ,o aS« ^ork pphcy action nonce according 10 an embodiment of 

of the invention; me invention; 

FIG. 17 is an exemplary screen display illustrating, the 20 J£\™$T ^^'f*™ illustrating a 

introduction to the virtual facilitator acceding to an cmbodi- P° hc y.^wledge query according to a embodiment of the 

ment of the invention; invention; 

FIG. 18 is an exemplary screen display illustrating the f IG * 41 * an ^mplary screen display illustrating a 

suggested policy according to an embodiment of the inven- P 0,ic y ^P^nce violation report according to an embodi- 

tion; ment of the invention; 

FIG. 19 is an exemplary screen display illustrating the '"' "? G f m * xcn ?RlW s^en display illustrating a 
network user discussion options according to an embodi- P ' Cy wm P haDce relation code and report; according to an 
ment of the invention; 'embodiment of the invention; 

F1C* 20 is an exemplary screen display iUustrat ing group c F?G If f^P ^ ea &**Y «^«ai display illustrating a 
policy discussions according*) an emb«xliment of theinven- io ySte ^ VloIat,0 ° NotICC En3ail and Snail Mail Notice 
lion; v according to an embodiment of the invention; 

FIG. 21 is anexempiary screen display illustrating policy c J" 10 - 44 is , an exemplary screen display illustrating a • 

writing according to an embodiment of the invention- ^sequent Action Report according to an embodiment of 

rnr, ^ ... . .... * tbc invention; 

FIG, 22 is an exemplary .screen display illustrating the Fir <~ - c , . , ..„ 

network user discussion options according to an embodi- A i t xempiary screen display illustrating The 

ment of the invention; " Appeal Process according lb an embodiment of the inven- 

FIG. 23 is an exemplary screen display illustrating the U °S^ A * . , ■ 

policy consensus according to an emlxKliment of the inven- J . 15 30 cxem P ,ar y ;screen display illustrating policy 

lion; effectiveness -reports -according to an embodiment of the 
i4 • x .. 40 invention; 

MG. 24 ts an exemplary screen display illustrating the ri ,; 1- ; ... .. . 

policy training options according to ah embodiment of the J^' lS cxcm P larv ^ recn ^^Rlayil hist rating policy 

invention; cflectiyencss reports according to an embodiment of the 

mr> « • .. ...... . . invention; 

riG. 25 is an exemplary.; screen display illustrating the Kfr . , ,. 

policy exam according to an embodiment of the invention- 45 If . an ^mpJary .screen display illustrating a 

FIG. 26 is an exemplary screen display illustrating a g.^^ embodiment of the 

traming feedback and evaluation form according to an r,r- a a • , 

embodiment of the invention; " MCj. 4» is an exemplary screen display illustrating policy 

FIG, 27 is an exemplary screen display illustrating an * ™ embodiment 6f the invention. 

Appropriate Use Agreement/Employee Agreement form 50 DETAILED DESCRIPTION OF THE 

according to an embodiment of the invention; IN VENTION 

FIG. 28 is an exemplary screen display illustrating, an i <■ n ■■• 

Appropriate Use Agreemen./Employee Agreement form '/N ^"T* 8 descr !P t,on o{ ,hc exemplary 

according to an embodiment of the invention- embodiments* reference ,s made to tlx: accompanying draw- 

HG..29 is an exemplary screen display illustrating the end 55 ,' Tu r . J— " paf1 . ' ,crco1 - ? " d in w,,idl is show " h V ™V 

of ihe training accordingTo an cmbodimLlS Siibn ,U " s,ri " 1()n . "ff * ^bodtmen. .n which Ihe invention 

PIfiWi*.„ • i t '" wo ™ enlo ''n<-.'nvcn!ion, may he practiced: It is to be understood that other embodi- 

nO. 30 ls an exemplary screen display illustrating, .he men.s may be oiDM and thai stniciura! changes- may be 

nl^oiTetmion' ^ n8 :«^ 8 -ade without departing f rom the scope of fhc S 

u.wm wi uic iuvuuiuu, ^ invention. 

Us^Pmni^c^^' 3 ' 7 ^.^y/I^W "'o The present invention provides a method and apparatus 
HG 32 irSK a " ° mb ° d . ,m , cnl ° f lhe r*" 1005 for ««tot«ini«* policy compliance on a computer nLork 

ComolkL h P r 60 *^ ' l . h,S,ra,in8 Email WO- 1 is a block diagram illustrating policy effectiveness 
»T 33^ T 8 , ° thc- jnvenUon; .system 100 according to an embodiment of [his in ventiot 

m • „. m B 80 ex «; m P lar y ^"display illustrating Docu- a. lite hardware generally implementing the policy effeclive- 

H^vemion 8CmC g l ° *° embodi « lenl « «*. ness.system .100 may include computers havingV^^ 

' and memories distributed over a network as is well-known 
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in ibc art. The memory may include RAM or fixed storage. shown a hypertext list of policy training options. The 

The program steps implementing this invention are stored in training options may be, for example, to enter a policy 

the memory and executed by the computer processor. The training session; review for a policy exam, or take a policy 

present invention is may be implemented using an intranet exam, 

based application that can bo stored on central servers, s Policy Training Session 

wailing to be called up and manipulated via a Web browser The policy training session may combine interactive 

from any location. Those skilled in the art will recognize that multimedia, group policy development discussions, and 

a variety of configurations can be used without departing policy exercises with individual policy review and feedback 

from the scope of the present invention and that a wide screens. The result is typically employee generated policy 

variety of distributed and multi-processing systems may be 10 guidelines for network security policies, 

used. Each of the blocks of FIG. 1 will be introduced, In the,preferred embodiment, the computer screen for the 

followed by a detailed explanation of each block, policy training session is: divided into three frames. The 

Block 105 represents a policy training module for devel- divided screen gives the user the option to review and 

oping network security policies. answer policy recommendation questions, see and parliei- 

Block 110 represents a policy compliance monitor for IS P ate in group policy discussions, and pause the interactive 

monitoring compliance across ihe network. S^MP policy discussion session. After pausing the interac- 

Block 115 represents a policy compliance and reporting livc group- policy discussion section, the user may review 

module for managing information received from the com- dynamic policy recommendations and statistics from previ- 

pliancc monitor, ous policy sessions; request additional information on a 

Block 120 represents the policy effecliveness module for 20; l0 P ic °T subject presented during the previous policy, 
managing the policy training module 105 arid compliance session, or seek technical and product support- 
monitor 110. * I ne policy training module 105 collects and records both 

Block 130 represents the database for storing policy and ind . iv ; iduaI »»| S/oup policy recommendations. The policy 

compliance information for the policy effectiveness system * a T 8 T J C , 105 USCS ' ,bc USCr ' S recommcnda » ions 
100 '25 as a benchmark for other users to use during policy creation/ 

Block 135 represents .he document managemenl system ^^'"f . a °?. 10 •"«*.««*? ,ra f n 8 

of .he compliance moni.or 130. " Y . 2 !? a l > te * digram ■llus.ranng .he steps performed 

„, . , „' ., ... , , ny the policy training module according to an emh(ximen. 

Block 140 represents Ihe email compliance system of the of this invention. 

compliance monitor 130. jjj Block 200 represents .he beginning of .he policy .raining 

Block 145 represents lhc pobcy resource module for proc( . ss . FIG . 10 is an exemplary screen display illustrating 

storing and managing policy resources. the opcping ^n for policy .raining according to an 

Block 150 represents the user profile module for storing embodiment of .he invention. The user may be asked to read 

user information. a licensing agreement and indicate if he accepts or declines 

Policy Training Module 105 35 ,hc ,crms of ,he agreement by clicking on the appropriate 

Toe policy training module 105 typically is an interactive. If?"; "fi h " T display illustrating the 

... ... . r , , , M , ^ , 40 the software licensing agreement according to an embodi- 

Fhe policy training module. 105 presents the network user mcnl oflhc myctlk>n . A message slating the privacy rights 

with a suggested network pobcy thcorgamzat.on wishes to of lhc user typically remains on the .screen until the user 

implement. Policy training module 105 is designed to help clicks on an accept or decline icon. FIGS. 13 and 14 are 

the user understand potential nsks that- an organization faces exemplary screen displays illustrating the terms of the 

45 privacy agreement according to an embodiment of the 

disadvantages of the policy in question, and the management invention 

and ethical principles affecting the potential policy in.ques- „ lock 2 02 represents the policy training module 105 

lion .The network policies are generated by guidelines presenting ihe network user with screen personaKty opt ions, 

created from employee feedback obtained during a training A ^ten personality represents a person who is executing 

^J? 00, .... , , . 50 l — fining session under an assumed screen name and 

The policy training module 105 is comprised of several identity. In other, words,, a screen relates to a real person 

templates. When the system is first implemented, policy taking a training session. The user is typically presented with 

consultants work with management personnel within an a screen and is asked to choose a screen name and identity 

organization to determine the organization^ policies for the (e.g., Avatar) from a list of screen personalities for the 

initial training sessions, which may relate to, forexample, an 5 5 training session. Such screen personalities give users greater 

enure enterprise or a specific department of an enterprise. privacy and the freedom to answer policy questions without 

The- initial policies are entered into a policy training data- fear of retaliation from other employees participating in the 

base 130 and arc- the foundation for the initial training program. FIG. 15 is an exemplary screen display illustrating 

programs. As is further described below, after the initial the choosing a screen identity according to an embodiment 

policy training session, the policy effectiveness system 100 60 0 f the invenlion. 

will analyze all of the information gathered from the areas Block 204 represents the policy training module 105 

it monitors and compare it to each neiwork user profile 150 recording the network user's screen personality in the policy 

to determine the policy training needs of individual network effectiveness database. 

users. Then, the system customizes the policy training Block 204 represents lhc policy training module 105 

materials for the user training sessions. 65 aligning Ihe user a session number. FiCi. 16 is an exemplary 

To access policy training materia Is, the user is prompted screen display illustrating assigning the user a session num- 

to enter a password and hardware token. The user may he her according to an embodiment of the invention. 
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Block 206 represents the policy training module 105 block 220 which represent the policy training module 105 

recording the network user's session number. .The session generating a policy. Block 216 represents the poh'cy training 

number may be used to track and reference the training module 105 assigning the participants a new session num- 

session in the policy effectiveness module. ber. 

Block 208 represents the policy training module 105 5 The Policy Training Process: 

presenting the network user with a virtual training room, The FIGS. 3A-3C arc block diagrams further illustrating the 

user may be prompted to click on an icon to enter the virtual steps performed by the policy training module 105 in 

training room. The virtual training room is typically similar performing the generating a network security policy step 

to an Internet chat room. represented by block 220 according lo an embodiment of 

Block 208 represents the policy training module 105 10 this invention; 

presenting a virtual facilitator. In a preferred embodiment, Block 300 represents the policy training module, 105 

the user is introduced to the program's virtual facilitator who indicating that the network user is ready to begin policy 

introduces the training, participants to each other,, explains training by presenting the network users With suggested 

the training rules, ; and assu res the training program remains policy information. ^ 

on schedule, The virtual faciluatoris typicaliy.stored in the is Block 302 represents, the policy training module 105 

i policy training database 130. FIG . 17 is an exemplary screen receiving suggested policies Jjrora tlie network users FIG'. 18 

display illustrating the introduction to the facilitator accord- is an exemplary screen display illustrating the suggested 

ing to an embodiment of the invention policy according to an embodiment of the invention. The 

In the- preferred embodiment, a maximum of 5 screen suggested policy information typically is stored In a policy 

personalities can participate per training session. Block 212 20 irainingdatabase 130. The user is asked toreview the policy 

is a decision block representing the'policy training module information arid a policy suggestion for a limited period of 

105 determining if there are less than three participants time. The policy training module^ 105 collects a policy 

' registered fora session, if sp,block 220 represents the policy suggestion from each network user ; s policy review session, 

training module 105 determining the number of virtual Block 304 represents the policy training module 105 

personalities needed for the system; otherwise, control is 25 recording all individual policy recommendations, 

passed to decision block 214. The system monitors the Block 306 represents the policy training module 105 

number of screen personalities registered for a> training prompt frig the network user to join a group discussion after 

session. The system records each user's training, session the network user has reviewed the information on his own. 

including the user *s policy suggestions, individual feedback The network user indicates his readiness to join the group 

and onscreen comments provided during the training ses- 30 discussion, such as by clicking an icon. The network user's 

sion. Block 222 the system generates a virtual personality to signal may be sent to the other pa^icipanls , screens. FIG. 19 

participate in the training session. A virtual personahty may is an exemplary screen display illustrating, the network user 

be implemented in the^ form of a template having fields discussion options according to an embodiment of the 

including information copied from a user's previous training invention. 

session. When the policy training module 105 determines 35 Block 308 represents the policy training module 105 
that a virtual personality is needed for a training session, the notifying the other participants that a network user Ls pre- 
present system may be implemented so that the module 105 pared to enter the group session. Once the individual net- 
launches an algorithm to generate a virtual personality to work users are ready to; discuss the policy, the facilitator 
participate in the training session. Hie algorithm, copies begins the session monologue and monitors the session's 
inform a lion from the policy recommendation database 224 40 content and time. 

stored in database 130. Block 226 represents the policy Block 310. represents the policy training module 105 

training module 105 storing the virtual personality in the retrieving the electronic faeilita lor from the database 120., 

database 224. The policy recommendation database 224 is The electronic facilitator senses as; a moderator for the 

comprised of policy information previously submitted by a training module. For example, the electronic facilitator 

screen personality; including policy suggestions, individual 45 prompts the users- for input and monitors the time spent on 

feedback and onscreen comments provided during previous each issue. 

training sessions. Virtual personality information obtained Block 312 represents the policy training module 105 

duriog previous, u-aining sessiqh is retrieved from the policy connecting individual network users to the policy training 

recommendation database 224. The algorithm copies the chat room. 

policy information from the previous policy modules, posi- 50 Blocks 314, 316 and 318 represent the individual network 

lions and scripts the policy information lor the present user computers conuectcd to the policy chat room, of the 

tra ining session. Script is defi ned as positioning and pad ng pol icy training module 1 05. One or more indi vidua 1 network 

the policy information per policy module to make it. appear user's policy .recommendations may be displayed to the 

as though it is occurring in real- time. This provides the user group. 

with a virtual personality and ah interactive, simulated 55 Block 322 represents the policy training module 105 

reaktime training experience without the user being depen- displaying network user policy recommendation to the 

dent upon the availability of others for interaction, discus- group. The policy recommendations may be shown in a 

sions and training. After introductions; the user is typically different color and font. FIG. 20 is an exemplary screen 

prompted to click on cither an agree or decline icon to display illustrating group policy discussions according to an 

indicate his understanding of the training rules and to 60 embodiment of the invention. The individual rccommenda- 

indicatc bis readiness to proceed. Block 220 represents the lions arc used to develop a group policy consensus, 

policy training module 105 generating a policy. From the dlscussion, the group confers, online, to write a 

Block 214 is a decision block representing the policy policy recommendation. All group participants can view the 

training module 105 determining if there arc less than live policy recommendations and group discussions from previ- 

screen personalities registered for the session. If so, block 65 ous policy training sessions. FIG. 21 is an exemplary screen 

216 represents the policy training module 105 dividing the display illustrating policy writing according to an embodi- 

partidpants into two sessions; otherwise, control is passed to ment of the invention. 
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Block" 324 is a decision block representing (he policy 
training module 105 querying the user regarding whether he 
warns more policy information. If so, block 326 represents 
the policy training module 105 retrieving the policy training 
information and displaying it to applicable network users; 
otherwise block 328 represents the policy training module 
105 collecting policy recommendations from the group. The 
group confers, online, to write a policy .recommendation. 
The policy training module 105 collects and records: all 
group policy recommendations. FIG. 22 is an exemplary 
screen display illustrating the network user discussion 
options according to an embodiment of the invention. 

Block 330 represents the policy training module 105 
recording the group policy re«>mmendations.in the policy 
recommendation database 224. 

Block 332 represents the policy training module 105 
calculating and ranking the group responses in' the policy 
training database. For example, the policy with the most user 
votes may be the policy of group consensus. 



10 



Block 402 represents the policy training module; 105 
retrieving. a policy exam from the policy training database 
130 and presenting it to the network user. FIG.. 25 is an 
exemplary screen display illustrating the policy exam 
according to an embodiment of the. invention. Once the 
network user completes the exam, he is prompted to send the 
exam to policy effectiveness 120 where the information 
regarding. the user's taking of the exam is recorded. 

Block 404 represents the policy training module 105 
receiving the exam answers from the network user and 
tabulating the network user's score. During the exam tabu- 
lation period, the network user is asked to fill out a policy 
training feedback and evaluation form. 

Block 406 represents the policy training module 105 
retrieving a policy training feedback and evaluation form 
from the policy training database 130 and sending it to the 
network user. FIG. 26 is an exemplary screen display 
illustrating, a training feedback and evaluation form accord- 
ing to an embodiment of the invention, flic network user 
completes the policy training feedback and evaluation form 



S^ ^Z^&^^l 20 and rc.u^i.,0 the po.icy .rainin, m od U .e 105. 



training module 105 determining if a policy consensus, has 
been achieved. If so, then block 336 represents the policy 
training module 105 displaying the group consensus; 
otherwise, control typically is returned to block 322. If there 
is a lie for group consensus, the system requires network 
users to review the policy options arid m-volc. Each user's 
policy information is displayed the group reconsiders their 
recommendations and attempts to come to a group policy 
consensus. 



Block 408 represents the policy training module 105 
storing the policy training feedback and evaluation form in 
the User *s Profile database 150. 

Block 410 represents the policy training module 105 
sending the network user his exam score after the feedback 
and evaluation form is completed. 

After the employee completes the policy building session, 
the policy training module 105 may request that the user sign 



process illustrated in bMcks 322 through -334 is 30 ^fffi t^o^ 
repeated until a group policy consensus is achieved. excmolarv screen- dfenhv illt,*i™.i„« .« Wnn,, t 



Block 336 represents the policy training module 105 
displaying policy consensus. FIG. 23 is an exemplary screen 
display illustrating the policy consensus according to an 
embodiment of the, invention. 

Block '338 represents the, policy training module 105 
recording the policy consensus. The process of developing a 
consensus policy is repeated until all of the policy modules 
have been reviewed and addressed. 

Block 340 is a decision block representing the policy 
training module 105 determining if there are no additional 
policy modules to complete. 

If so, block 300 represents a repeat of the policy genera- 
tion process; otherwise, block 342 represents the policy 
. training module 105 presenting a suggested policy to the 
network user and assembling and recording the group con- 
sensus policies from each policy module. 

Hie policy training module 105 assembles and records the 
group consensus policies from each policy, module in the 
network security policy database 130. 

Block 344 represents the end of the policy generation 
process of the policy training module 105. 

When the training session is completed, the network user 
Is given the options to start the policy exam, review policy 
training materials, or end me session. FIG. "24 is an exem- 
plary screen display UJustra ting the policy training options 
according to an embodiment of the invention. 
Start the Policy Exam 

FIG. 4 is a block diagram further illustrating the steps 
performed by the policy training module in administering a 
policy training exam according to an embodiment of the 
present invention. The network, user is given an online 
policy exam to reinforce the information presented in the 
policy training session. 

Blocks 400 represents the policy training module 105 65 
receiving a request for a policy training exam from the 
network user. 



40 



45 



50 



60 



exemplary screen display illustrating an Appropriate Use 
Agreement/Employee Agreement form according to an 
embodiment of the invention. FIG. 28 is an exemplary 
screen display illustrating an Appropriate Use Agreement/ 
Employee Agreement form according to an embodiment of 
the invention. Block 412 represents the policy training 
module 105 sending the network user an Appropriate Use 
Agreement/Employee Agreement. The user reads and signs 
the Agreement. The user returns the Agreement to the policy 
training module 105. The signed Agreement is kept in the 
User Profile database 200 and a copy is emailed to the user 
for his records. 

Block 414 represents the policy training module 105 
receiving the Agreement and storing it in the User Profile 
150. 

Block 416 represents the policy training module 105 
sending an email message to the network user with a copy 
of the Agreement attached. 

Block 418 represents the end of the policy exam process. 
FIG. .29 is an exemplary screen display illustrating the end 
of the training according to an embodiment of the invention. 
If the user fails the exam, the policy training module 105 will 
ask him if he wants to retake the exam, review policy 
training materials, or end the session. 

Policy Compliance Monitor 110 
The Policy Compliance Monitor 110 works with the. 
Policy Effectiveness Module 120 to provide network user 
compliance monitoring with network security policy stored 
in a database, it electronically evaluates network security 
policy compliance based on network user compliance, and 
undertakes a network policy compliance action in response 
to network security policy compliance. Network user com- 
pliance monitoring is defined as monitoring network activity 
to insure users are. in compliance with the organization's 
network security policies. Network security policy is a set of 
rules designed to limit an organization's risk and liability. 
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FIG. 5 is a block diagram turther Ulustrating the operation pliance value in relation to the user compliance policy value, 
of the policy effectiveness system according to an embodi- If the user policy compliance value is greater than or equal 
ment of this invention. to tne network policy compliance value, then block 120 

The policy compliance monitor oversees user profile, represents the policy effectiveness system notifying the 
email compliance,, internet compliance, document manage- 5 policy effectiveness module 120 that the network is in 
ment and software compliance functions'lo collect network compliance; Otherwise, if the network policy compliance 
user security policy compliance activities. FIG. 30 is an va ' u <i is greater than the user policy compliance value, the 
exemplary screen display illustrating the policy compliance policy compliance monitor 110 measures the difference 
and reporting according to an embodiment of the invention. between the network policy compliance value and the user 

Block 110 represents the policy compliance monitor of 10 P°l>cy compliance' value and undertakes a network compli- 
the policy effectiveness system 100. ance action in response to that difference. Alterriativciy, the 

Block 150 represents the user profile module of the policy P^T <^pliance monitor could undertake a network a 
effectiveness system 100. 'Die user profile module 150 is a com P I,ance action; anytime a policy violation occurred, 
database comprised of information about network users. For FIG - 36 is an exemplary screen display illustrating Net- 
example, the user profile module 150 may contain inform a- 15 work NonfGompiiiance Notice according to an embodiment 
lion about network user policy compliance history, employ- of lhe . mvcn ^on v Bach policy is associated with a corre- 
ment history, and network identification information. FIG. ^ponding group of network policy compliance actions rang- 
31 is an exemplary screen display illustrating the User in & from |-. a mad ( c -8" notifying a network user), level two 
Profile according to an embodiment of the invention. notifying the network user and a policy administrator), 

Block 140 represents the email compliance module of the 2 ° lcvd thr ^%'' providing a retraining module to a network 
policy effectiveness system 100. The email compliance re *^ ctm S t™*™* user's network access rights) and 

module; 140 collects information :on network users' email ' eY t *™V J^ 1 ^ tbc nclwork ***** 
use activity. FIG. 32 is an exemplary screen display illus- ^ w c>rk access rights.) Each compliance action, in the group 
Crating email compliance according to an embodiment of the - * ^ed ■» value related to a numeric value thai may be 
invention. reported from monitoring network user compliance. 'ITie 

ot^Ue . , 4 numeric value assigned is based; on the severity of the 

Blocks represents the document ^a^ment module network policy compliance violation, i.e; the difference 
of the policy eilecuveness system 100. FIG, 33 LS/an between the network compliance value and the user 

exemplary screen display illustrating Document Manage- pb!icy comphance value 
ment according to an embodiment of the invention. The m , r ^ ... ™ 

document management module.135 collects information on Up f n recw ^S th * difference between the network policy 
documents in the. system. This may include document cora P hancc ^ and the user policy compliance value, the 
history, document authenticity, network user access to R« llc y compliance and reporting module 115 records this 
documents, and document access and disclosures. ^formation m the net work security policy database 506 and 

n . , - ftll ' . - ' ' " ~ " ■ . ic begins undertaking the appropriate network compliance 

Block 500 represents the software compliance module of # act j on Y 

the policy effectiveness s\^tem 100. r rhe-sc>ftwafe complir rJ-„«i^«." • .- -i. , 
ance module SOOcollects information on how network users tl J^T& may have. a. persona email 
utilize software on the network. FIG.. 34 is an exemplary *f'^ may limn each 
screen display illustrating Software Compliance accoriing TZ^^ "*™™ *™ T'^STT 
to an embodiment of the invention. ' 40 P° r ^y ; The : system assigns the numeric value of 95 to the 
ni . c >„ , ' r , L ... personal email messages policy. A value of 100 is the 
Block S02 represent the audi t function of the pol icy optimum network, policy compliance value. The compliance 
effectiveness system 100. Tbe^idit function collects infor- monitor collects information on network user compliance 
nation from all of the policies monitored by the policy for personal email use.. If an individual sends 25 email 
compliance monitor 110. Each monitored policy is assigned messages, the system records a user policy compliance value 
a value representing- a target baseline compliance level for 45 o f 90. The user policy compliance value of 90 is compared 
network policy ^ compliance ( 'network policy compliance"); to the network policy compliance value of 100. the differ- 
In the preferred embodiment, the numeric value assigned to e nce of 5 (95-90) indicates to the policy effectiveness 
each monitored policy is 95, representing that for each system 100 that a network policy compliance action may be 
policy 95% user compliance is required. Each network user .taken. In this example, a network user compliance value of 
compliance activity has a numeric value the system monitors 50 5 may tell the svstem to execute a network compliance 
representing a target baseline compliance level for user action. 

policy compliance ("u.scr policy compliance"). r .u r j u i- . , 

*J , *L , In lhc preferred embodiment, the system has four action 

Block^504 represents^the network security policy com- levels. Each action level may be undertaken in response to 

pliance database of the database 130. -Hie baseline compli- a range of differences in compliance values, FIG 37 is an 

anceleyclassigned to each monitored policy is stored in the " exemplary screen display illustrating a Network Compliance 

network security policy compliance database 504 of the Action Notice according to an embodiment of the invention, 

database 130. The audit function is responsible for review- Al a - fits| action , 6Vclf thc syslcm m scn(J an cmail 

ing network user compliance and network security policy. nolifying lhc nclwork user lo Lase and'dc^ iLZt 

FIG. 35 is an exemplary screen display illustrating the m compliant activity, 

audit fundion according to an embodiment of the invention. Al , , aemai action level, the system may prompt the 

Block 506 represents the network secunly pohcy database. systcm aaministfalor to foUow ^J^, 0 4™ 

The network comphance value * monitored ,n retanon to proccdurcs fo, the infrilction . n, c policy effectiveness sys- 

SicfdaE SM V 10 * " SCCUnly «^100 notifies the network user and a system admini Ja- 

p y 65 tor. Jimail and surface mail are automatically sent to the 

Block 508 is a decision block representing the policy alleged violator and the system administrator. The message 

effectiveness system 100 analyzing the network policy com- may ask the.alleged violator to discontinue the inappropriate 
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bchavioror to reread the Inlnmel-base Policy Manual. 'Hie pliance violation has occurred and a octworkuser compH- 

policy effectiveness system 100 records if the user visits the ance action, level two or greater, has been taken. The system 

electronic site of the Policy Manual. administrator is instructed to click on an icon to access the 

At a third action level, the policy effectiveness system 100 network user policy compliance violation information and 

may file a policy violation report and launch an investiga- 5 document the violation. FIG. 39 is an exemplary screen 

tion. The policy effectiveness system 100 sends email and display illustrating a network policy action notice according 

surface mail to the alleged violator and the system admin- to an embodiment of the invention, 

isirator informing them of the violation. A policy retraining Block 503 represents the policy compliance and reporting 

module may be the most likely course of act ion . At the th ird 115 retrieving the network user policy compliance violation 

action level,, the actions of the second infraction are initiated 10 documentation from the policy effectiveness module 120. 

and additionally an immediate referral is made to the.appro- Policy compliance and reporting 115 advises the system 

priate policy officer for review and action. administrator on how to execute the designated network user 

At the fourth action level, the policy effectiveness system compliance violation reporting procedures. This is achieved 

100 may restrict the network user's network access rights prompting the system administrator through the reporting 

and prompt the system administrator to cither begin inves- process and presenting a policy knowledge base. FIG. 40 is 

ligation procedures and/or initiate a signal U> the policy a " exemplary screen display illustrating a policy knowledge 

knowledge base to determine the recommended course of query according to an embodiment of the invention. A 

action. support icon is also available if the user needs to discuss a 

Block 510 represents the policy effectiveness system 100 specific procedure with a Policy Consultant, 

undertaking a network policy compliance action. The policy 20 Block 604 represents the policy knowledge database of 

effectiveness system 100 sends a signal to policy compliance lne policy compliance .and reporting 115. The policy knowl - 

and reporting 115 to record the non-compliant network user edge database is comprised of automated network user 

activity. policy compliance violation documentation. This may 

Policy Compliance and Reporting 115 „ " Ch f n ? l ™*P°% Ration report forms, detailed 

, * 25 reporting instructions, and investigation procedures check - 

Hie. policy compliance and reporting module 115 pro- list. The policy compliance and reporting 115 analyzes the 

vides automated policy monitoring, policy violation proce- network user policy compliance violation information from 

dures and reporting, it tracks policy investigations and the policy knowledge database 604 and determines if an 

generates policy investigation reports. These procedures investigation action is needed. 

work in conjunction with existing policy compliance 30 After the system analyzed the violation information, „ 

reporting, discipline and grievance procedures to uphold the policy violation investigation report form is displayed on the 

organization's technology policies. user screen. FIG. 41 is an exemplary screen display illus- 

Compliance trating a policy compliance violation report according to an 

The policy compliance and reporting 115 monitors and embodiment of the invention. All reports arc documented in 

records user and network system activities audit procedures S5 read-only format and all modifications and changes to the 

<and reporting, policy violation procedures/investigations/ non-compliance reports arc ao addendum to the initial 

reporting, compliance/uon-compliance status reporting. report. The system administrator is asked- to supply the 

FIG. 6 is a block diagram illustrating the steps performed following network compliance violation information regard- 
by a policy complianoe antl reporting, module according to ing the claim including the network user's name: fc-mail 
an emrxKiimenl of this invention. 40 address, title, department, mail station, type of violation 

The policy compliance and reporting process begins when (non-compliance; drop down box), date of occurrence, date 

the policy compliance, and reporting 115 receives a signal of report, and official report of the incident (MIS, the user, 

from the compliance monitor 110 that a network compliance or policy officer). 

action has been taken. Block 510 represents that a network A code is assigned to the policy compliance violation 

compliance action has been taken by the policy effectiveness 45 report. FIG 42 is an exemplary screen .display illustrating a 

system 100. policy compliance violation code. and report according to an 

Block 600 represents the policy compliance and reporting embodiment of the invention. Block 606 represents the 

115 sending an email or pager message to the system policy compliance and reporting 115 assigning a code to the 

administrator notifying the administrator thai a network user policy compliance violation report. The code is used to 

compliance violation has occurred. The email message 50 identify and track the policy compliance, violation report in 

attaches a policy compliance violation report (file) to the the policy effectiveness database; The system administrator, 

email and instructs the system administrator to follow the the policy officer and the network user are the parties.thal 

compliance reporting procedures. FIG. 38 is an exemplary may access the policy com pliance violation report. 'lb access 

screen display illustrating a policy compliance violation the policy compliance violation report the system 

report according to an embodiment of the invention. The 55 administrator, the policy officer and the network user are 

email instructs the system administrator to log into the given the access code to the report and are registered in the 

system, present a password and hardware token to access the system. While completing the report, the system adminis- 

pohcy violation reporting procedures and indicates the trator can access a network user's policy compliance report 

screen option to choose. The screen options available to the to review their network activity history. All report 

system administrator may include: hie a policy compliance 60 communications, including the policy compliance violation 

violation report, investigate a policy compliance violation report, may automatically be sent via encrypted e-mail to a 

report, review audit and system reports the appeal process. third party organization and are kept in escrow. This insures 

review a user profile, policy resources, and policy effective- the organization cannot access the policy compliance reports 

ness reports. in the system to change the coulent of the reports and insure 

File a Policy Violation Report 65 that they follow due process procedures. 

In a preferred embodiment, a screen is displayed lo the 'ilie system administrator may contact the policy officer lo 

system administrator indicating a network user policy com- schedule an in-person appointment with the network user. 



a 
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Block 608 represents the policy compliance and reporting quent action form indicates if ihe network user policy 

U5 recording the appointment. Block 610 represents the compliance violation claim is still under investigation pend- 

.policy compliance and reporting 115 scheduling the appoint- ing or is closed. 

rhent. A hypcrliruV to a scheduling module is activated; An Block 706 represents the.policy compliance and reporting, 

exampkof a schedule module is. Microsoft's. Schedule Plus, 5 module 115 storing information related to the subsequent 

Several meeting options arc : listed on the violation report to action reports. The policy appliance and reporting module 

be emailed and surface mailed to the network user. FIG. 43 115 monitors the/ status of all network user compliance, 

is an exemplary screen display aiuslrating a System Viola- violations to insure that violation reports are properly 

lion Notice Email and Snail Mail Notice according to an reported and managed, 
embodiment of the invention. The. system monitors' and 10 The Appeal Process; 

records the reporting and investigation process in the policy FIG. 8 is a block diagram illustrating the appeal process 

eHcctiveness database. performed by a policy corapliaoce and reporting module 

All registered parties are automatically e-mailed the according to an erribodimeni oftHisiinvention; FIG- 45 is an 

policy compliance violation, report, all correspondence exemplary screen display iilustfatihg The. Appeal Process 
related l^the report and^the ap^ is according to an embodiment of the invention. After filing the 

report lntormation ls dLStributed. Copies of policy compli- subsequent action report, the system gives the networkUser 

ance violation report is automaijcally : sent to policy the opportunity to respond to appeal the network compliance 

effectiveness, e-raailcd to policy officer, surface^ mailed to violation. Block 800 represents the policy compliance and 

the nctwork uscr, e-mailed to the network, and surface mail reporting module 115. prompting network user with the 
copy printed and sent to the network user. The surface mail 20 appeal option. Block 802 represents the policy compliance 

and e-mad reports are form letters that may include an and reporting module 115 receiving a signal to begin appeal 

Internet address to help inform the network user about the process The network user is given the option of ch^sinran 

policy compliance vio atiqn reporting process. Polieyxom- appeal facilitator from the organization. Appeal facilitators 

pliance and re^rting 115 tracks and monitors the status of are employees of the organization randomly chosen by the 
the. complaint by monitoring the scheduling module and 25 system 10 act a facilitator for ihe appeal process, policy 

tracking where the report is in the- system. Block 612 ctmipuance and reporting ;module 115 reviews nctworkuscr 

represents the policy compliance and reporting 115 distrib- profiles and chooses the network users with the lowest 

utiiuihe. policy compliance violation report jnfdrmatibn, network user policy compliance violation records to be 

Printed copies or the policy compliance violation report, facihtator candidates. Block 8<W represents the policy corn- 
correspondence, and related documents have a watermark 30 pliance and reporting module 115 retrieving appeal facili- 

pnntcd m the header of t he print out of the policy compli- tator information from the policy compliance and reporting 

ance violation report with the words "corporate record" database. The user chooses the facilitator from the Appeal 

pnnled on the top comer of the document. The printout may screen. The system records the process and automatically 

include the date the document was created, who created the sends an email to the facilitator. Block 806 represents the 
document, the version number of the report and the file.patb. 35 policy compliance and reporting module 115 recording the 

ThLsis used to insure the authenticity of the policy compli- facilitator, Block 808 representsUhe policy compliance and 

SSf? r CP °u reporting module 115 assigning a password to the facilitator. 

Su ^ucnt Ac ion Report Block 810 represents the policy, compliance and reporting 

FIG. 7 15 a block diagram further illustrating the steps module 115 sending an email to the facilitator. The e-mail 
pedormeiiby the policy compliance and reporting module 40 explains the appeals- process 10 the facilitator and provides 

115 according to an embodiment of this invention in genr the facilitator wilh the passwords needed lo access to the 

eratong^snr^qiieot action report. FIG. 44 is an exemplary network user policy compliance violator's iilc; The facili- 

screen display dtustraiing a Subsequent Action Report tator has read-only access to" the network user compliance 

according to an embodiment of the invention. Block 700 violation reports. The facilitator is automatically copied on 

represents the policy compliance and reporting module 115 -45 all appeal process communications. The system records this 

receiving; a message from the schedule module lo begin activity and stores it in the policy effectiveness database 

subsequent action p^ the system Next, the internal officers are automatically prompted and 

administrator and the network user are automatically sent a notice to schedule the appeal meeting with the new 

reminded via email of the requirement to indivirjually Tile facilitator, the network user, the system administrator and 

subsequent meeting reports with-the system. Block: 702 50 the policy officer. Block 812 represents the policy compli- 

represents the policy compliance and reporting module 115 ance and reporting module US prompting users to schedule 

distributing notices via email. The policy officer, system an appeal meeting, The process is reported to, stored and 

administrator and the network user are required U> present tracked in the. policy effectiveness module. Block 814 rep- 

login- and password/token information to file subsequent resents the policy compliance and reporting module 115 Ihe 

action reports with the system and to verify a policy com- si system recording ihe; process. The appeal report is automati- 

phance violation meeting occurred.. cally sent to internal policy officers. The network user is 

Hie network user is also asked to sign- an agreement automatically sent information to inform htm of his proce- 

indicating he attended the policy enforcement meeling and dural, rights. The appeal report is automatically sent to the 

reviewed the policies ol the organization. The system policy effectiveness module, the policy officer and the 

administrator and. policy officer are asked to confirm and 60 network user, and a surface mail is sent to the policy officer 

document. lhaMhe meeting took place. All parlies are com^ and the violator. Block 816 represents the.policy compliance 

pletc the forms. Block 704 represents the policy compliance and reporting module llS.dislributing appeal information to 

and reporting module 115 retrieving subsequent action all parties. 

reports from the parties. The system stores the documents in The facilitator logs.into the system and reviews all of the 

the policy effectiveness database. 65 documents regarding the policy violation. 1 tie facilitator, the 

Ihe system administrator is prompted by the system to policy officer and the suspected violator meet lo listen to the 

confirm in the subsequent action report form. The subse- violator's appeal. The facilitator and the policy officer arc 
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required to present login and password/token information to user compliance. Block 920 is a decision bIock< representing 
file appeal reports and to verify an appeal meeting occurred. the policy effectiveness module 120 analyzing the network 
Block 818 represents the policy compliance and reporting policy compliance value in relation to the group user corn- 
module 115 retrieving appeal report forms from policy pjianec policy value. If the group user policy compliance 
compliance and reporting database. The appeal reports arc 5 value; is greater than or equal to-lbc network p<)licy corn- 
comprised of several fieldsv The facilitator and the policy pliance value,, then, block 940 represents the policy effec- 
officer arc required to complete the online reports. The. iiveness module 120 recording that the network is in corn- 
policy effectiveness analyzes the appeal reports to determine pliance with respect to a policy. Otherwise, if the network 
the final decision. Block 820 represents the policy compli- policy compliance value is greater lhanihe group user policy 
ance and reporting module 115 analyzing the appeal reports, to compliance value, the policy effectiveness module 120 mca- 
An email is sent to all parties with the final decision file sures the difference between the network policy compliance 
attached. Block 822 represents the policy compliance and value and the group, user policy compliance value and may 
reporting module 115 distributing the final appeal decision. undertake a network compliance , action in response to that 
Block 824 represents the policy compliance and reporting difference. 

module 115 transferring ; the appeal information to the policy is Ea C b compliance, action in the group is assigned a value 

effectiveness module 120. related to a numeric value that may be reported from 

Policy Effectiveness 120 monitoring network user compliance, llie numeric value 

assigned is based on the severity of the network policy 

The policy effectiveness module 120 electronically compliance violation, i.e. the difference between the net - 

collects, records, analyzes and stores information from 2(3 work policy compliance value and the group user policy 

policy compliance monitoring; analyzes policy compliance compliance value. Upon recording the difference between 

and reporting, evaluates network^ the network policy compliance value and the group user 

undertaken in response to the network security policy vio- policy compliance value, the policy effectiveness module 

latibns and electronically implements a different network 120 records this information in the network security policy 

security policy selected from network security policies 25 database 130 and begins undertaking the appropriate net- 

stored in a policy database. work compliance action. This action may include eleetroni- 

The policy effectiveness module 120 analyzes informa- ca ^y implementing a different network security policy 

tion collected from the policy compliance a nd reporting 115 selected from network security policies stored in the 

to determine if network user xompliance policies are effee- database, generating policy -effectiveness reports, and pro- 

tive. FIG. 46 Is an exemplary screen display illustraiiDg 30 viding a retraining module to network users, 

policy. effectiveness reports according to an embodiment of For example, the system administrator may have indi- 

the invention FIG. 47 is an exemplary screen display llliis- cated that lite password policy cab not have more than 5 

trating policy effectiveness reports according to an embodi- network compliance action occur per month. If the network 

mcnt of the invention. If a policy is determined to he compliance action is greater than 5 actions per month, the 

ineffective, a new policy may need to be implemented. ss system sericfc a message to retrieve a different policy from 

Ibe policy effectiveness module 120 monitors the policy lne database 130. The policy selected based on indexing 

compliance, act ioas taken over a period of time. At the time criteria and on the difference between the group user policy 

the system is implemented, the system administrator may set compliance arid the network policy compliance values. Bach 

the system to measure network compliance actions that have policy has several actions ranging from lenient to restrictive, 

been undertaken ou a monthly, quarterly, annual, historic 40 P 0UC Y effectiveness module 120 reviews me informa- 

(e.g., year-to-date) basis. After the monitoring lime period tl0n . coJIe cted by policy effectiveness to determine which 

has been recorded in the system, the system administrator policy to modify and the action to take: The policy effec- 

may record the number of network policy compliance iiveness module 120 records the policy change and sends an 

actions, per network compliance policy, considered accept- cm ^ message to the system administrator to confirm the ; 

able during a said period of time. 45 policy changing process. FIG. 48 is an exemplary screen 

The policy effectiveness module 120 analyzes the policy d W a X-1.f^.»Mn&a:p^licy effectiveness action according to 

compliance actions stored in the policy compliance and an embodiment of the invention. An enterprise wide email is 

reporting module 115. Each policy is assigned a value also sent to all network users to. alert them to the change in 

representing a target baseline compliance level for network , 50 I>ol,cy - 

policy compliance ("network policy compliance"). In the Policy Resources 145 

preferred embodiment, the numeric value assigned to each ^ «. . .» llU . , 

monitored policy is 95. repressing that foS, pofy „ V* *&* f™?<™* Wf» 100 -**M 

95% user compliance is required. Tht level of.nser comply ^ W« ««• "*« "d sollware resources dalubusc to 

policy is monitored: The network user compliance activity * ^ 49 * '° "? m P larv display .bustling po bey 

I /group has, numeric va,ne the fm monitor* ~S S& 7£ 

value is monitored in relation to the user compliance value m """ft * ^ 

stored in the network security policy database^. 60 Z^£2£?&^ V ** 

i*/* » • ei i i- e J ... search and find policy information. Users can contact sup- 

HG. 9 us a block diagram lurther iliustraling a policy port personnel either by email, page,- telephony, fax, or 

effectiveness system according to an embodiment of this telephone. It is important that users have immediate access 

invention. t0 a SU pp 0rt p ersoil( since major policy violations may 

Mock 900 represents the policy effectiveness module 120 65 require organizations to act quickly in order to protect their 

determining network policy compliance. Hlock 910 repre- network from damage, Internal legal and policy personnel 

sents the policy effectiveness module 120 determining group can access legal statutes and other related policy documen- 
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lalioo relating to email and virtual policies in the workplace. tories. Products that monitor software licenses are known in 
The policy manual is presented to users such that they will the art, for example the FlcxIM software by Globetrotter, 
be able to; read and review the policy manual periodically. Each user is registered in the user profile database 150. 
Users are periodically required to sign an online form The user profile database 150 includes a User's hardware and 
indicating he or she has read the policies, and any policy 5 software inventory information, as well as the user's name, 
revisions, and understands all of policies. Annual updated user's email address, user's surface mail address, employ- 
information will be highlighted for fast review. The policy me ni status (e.g., temp, contract, virtual), title, department, 
effectiveness system 100 tracks users visit to the policy. The organizational chart indicating who the user reports to, the 
self-serve policy section allows the policy officer to revise direct reports, his assistant, and mail station address. It also 
the policy. The policy officer is prompted to access a policy j 0 may indicate the software present on a user's workstation 
database and is instructed to download a new policy when and the user's system access and security status, 
the system has determined that a policy, is. ineffective and n, e user profile: database 150 also retain copies of any 
users are consistently out of compUance ' with the current Employment Agreements and other employment-related 
policy. The new polices) arc automatically added to the contracts, maintaias. a record of the users 1 policy training 
policy effectiveness system and the organization's policy 35 and exam status, policy compliance history, network 
manual. activity- a rid any special network access or privileges such as 
Software resources include software listings and updates, using the network for charitable use. Additionally, the user 
guidelines for proper use including email etiquette, and profiles 150 may also monitor software downloads from the 
netiquette training, Internet information and personal safety network, or Internet, to hardware through network activity 
training, optional registration of an encryption private or 20 reports and network audits, including any software a pproved 
public key with the system, a lisiing\of the organization's for use by management and other special approvals. Addi- 
approyed and licensed software, software downloading tion a 1 user information can be monitored and collected to 
guidelines and approved procedures, tech support for user's assist the organization's reporting needs, 
questions Registering newly downloaded software to the The policy effectiveness system 100 includes an object 
system, management approved trialware, shareware and 25 library /object level licensing system similar to FlexIM by 
others for review by the organization, operations and support Globre trotter. 

information, regulation, policy, and Freedom of Information The policy compliance monitor 110 features dynamic 

Act materials, information explaining how the system works updating and exchanging of software licensing agreements, 

including product support and services, telephony, text- The compliance monitor 110 reviews aU software license 

based support, and in-bouse support options, a simple do & 30 agreements and maintains, records of the vendor informa- 

don't security module for non technical activity, and online tion. The compliance monitor 110 sends a notification to the 

safety information system administrator indicating that; a software license is 

Security, System Backup, and Recovery Processes about to expire. The system administrator is prompted to 

Users must present a password and hardware token to send, an email to the h'censing organization to update the 

access the policy effectiveness system 100. Most organiza- 35 license agreement. Once the updated license agreement is 

tions concentrate their security resources on securing the received via email, the system automatically updates the 

perimeter of their network. Unfortunately, the greatest threat software license registered and stored in the compliance 

to an organization is its employees, who, with network monitor 110! 

access can cause greater damage than an external intruder. ITic policy effectiveness module 120 monitors and tracks 

'Ihe policy effectiveness system 100 employs an dec- 40 network activity including all hardware and software in the 

ironic tag to monitor document level access, security and to policy effectiveness system 100. This module can generate 

track information on a per document basis: This creates the reports to track an organization's user access including 

opportunity to prove document authenticity, to track the failed login attempts and all attempts to launch privileged 

copies and revisions of a document, and to monitor and applications, any changes to system configuration param- 

report document access and disclosures. 45 etc rs; software downloads from the Internet, software and 

System Backup and Recovery hardware usage 4 location of software, location of software 

The policy effectiveness system 100 has an online backup license agreements, type of software agreements,. coordina- 

featurc. This feature offers full redundancy, without the tion of software license agreements with software 

expense of off-site storage, and limits the process of physi- utilization, statistical and .graphical information regarding 

cally cataloging and indexing backup tapes. Cataloging and 50 justification for software purchases, upgrades and mainte- 

indexing backups is automatically completed by the system. nance expense, software installations, software compliance, 

Backman is an existing software that docs this. appropriateness, inappropriate ness and .excessive use of 

Software Compliance software and hardware resources throughout the enterprise, 

Most large organizations are not cognizant of the type of the number of people waiting for access to software 
software licenses they have, which workstation and/or 55 applications* access time, value of software being used at 
server has which software, who is using what software, and anytime, the need for upgrades, the need for training, 
whether or not the organization is in compliance with their projections for hardware^ software and licensing costs/usage 
software licensing agreements. Users can easily download throughout Ihe enterprise, hardware demand predictions, 
freeware, shareware trialware, and perm ware software from recommended re-route of software and hardware, personally 
the Internet. All software is distributed with compliance oo installed or permitted software installation, need to stream- 
conditions or restrictions of its use, even if it is identified as line and more effectively use under utilized system 
freeware, shareware and trialware, or is copyrighted but resources, over utilization of system resources, potential 
freely distributed. policy infringements, system trends per department use, and 

To effectively monitor an organization's software Ihe allocation of related costs related to department, 

compliance, periodic network audits are needed to identify 65 Software Applications Archive 

deviatioas in the software inventory, and to reconcile soft- The system records the storage location of all thesoftware 

ware license agreements with software and hardware inven- applications, software manuals, and software vendor infor- 
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matiqn used by the organization to create documents. In the 
event that records or documents, written in older versions of 
software,, must be. produced, the software will be preserved 
and available for use. 

The foregoing description of the exemplary embodiments 
of the invention has been presented for the purposes . of 
illustration and description. It is not intended to be exhaus- 
live or u> limit the invention to the precise form disclosed. 
Many modifications and variations are possible in light of 
the above teaching. It is intended that the scope of the 
invention be limited not with this detailed description, but 
rather by the claims appended hereto. 

What is claimed is: 

1. A method for dynamically assisting a system adminis- 
trator of a computer network in upgrading compliance 
policy based on behavior of system users, the method 
com prising the steps of: 

storing in a database a plurality of compliance policy 
options; 

developing an mm'al compliance policy option potentially , 0 
applicable to network users; 

automatically evaluating over time the appropriateness of 
the initial compliance policy option based on the poten- 
tially evolving compliance history of users; 

automatically compiling and providing to the system 35 
administrator oyer time a dynamic; knowledge base 
comprising automated network user policy compliance 
violation documentation; 

automatically determining from the knowledge base 
policy compliance, violation documentation that the 3D 
initial compliance policy option is; ineffective; 

automatically selecting from the database and recom- 
mending to the.system administrator an alternate com- 
pliance policy-option; and 

automatically requesting that the system administrator 35 
confirm the chance to the alternate compliance policy 
option, 

whereby compliance policy options are dynamically 
altered and provided to the system administrator in 
order to eliminate ineffective compliance policy 40 
options. 

2 The method of claim t, further comprising the steps of: 

electronically generating a network security policy com- 
pliance value based on monitoring network user com- 
pliance for a plurality of network users; 

electronically comparing the compliance value to a target 
compliance value, wherein the target compliance value 
defines a baseline for network security compliance; and 

undertaking a network policy compliance action based on 
a difference, between the compliance value and the 
target compliance value. 

3; 'Jin? method of claim 2, wherein the compliance option 
is selected from a group comprising: 

electronically implementing a different network security ss 
policy: selected from network security policies stored in 
the database; 

generating at least one policy effectiveness reports; and 
providing a, retaining module to network users. 

4. The method of claim 1. further comprising the step of <$o 
electronically undertaking a user compliance action in 
response to evaluating network users' compliance with a 
network security policy. 

5. The method of claim 4, wherein the evaluating step 
comprises the steps of: 

generating a network security policy compliance value 
based on monitoring network user compliance; and 
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comparing the compliance value to a target compliance 
value, wherein the target compliance value defines a 
baseline for network security policy compliance; and 

wherein the undertaking step is based on a difference 
between the compliance value, and the target compli- 
ance value. 

6. The method of claim 5, wherein the user compliance 
option is selected from a group comprising: 

notifying a network user; 

notifying a policy administrator; 

providing; a retraining module to the network user; and 

restricting the network user's network access rights: 

7. The method of claim 3, wherein at least one network 
security; policy has a security level identifier identifying the 
relative restr^ 

ing step includes the step of electronically selecting a 
network security policy based on the security level identifier. 

8. The method of claim 1, further comprising the step of 
interactively generating a network security policy, the gen- 
crating step comprising the steps pf: 

electronically providing a suggested network security 

policy to a plurality of network users;, 
electronically receiving a modified network security 

policy from at least one of the network users; 
electronically providing at least one of the modified 

policies to the network users; and 
receiving a group modified policy from the network users, 

9. The method of claim 1, further comprising the steps of: 
electronically monitoring network user compliance with 

the; complia nee policy, including the steps of: 
electronically providing a network policy exam to a 

network user; 
electronically receiving exam answers from the netr 

work user 

electronically evaluating the; exam results to generate 

an evaluation score; 
notifying the network user of the evaluation score; and 
stormg the evaluation score in a database. 

10. The method of claim 1, wherein the compliance policy 
comprises: 

a network hardware policy; 

an email policy; 

an internet policy; 

a software license policy; 

a document management system policy; and 

a network security enforcement pol icy, 

11. An apparatus for dynamically assisting a system 
administrator pf a umiputer network in upgrading. compli- 
ance policy based on behavior of system users, the apparatus 
comprising; 

a computer system comprising at leasi one processor and 
at least one memory, the computer system being 
adaptedand arranged for: 

storing in. a database a plurality of compliance policy 
options; 

developing. an initial compliance policy option poten- 
tially applicable to network users; 

automatically evaluating over lime the appropriateness 
of the initial compliance policy option based on the 
potentially evolving compliance history of users; 

automatically compiling and providing to the system 
administrator over time a dynamic knowledge, base 
comprising automated network user policy compli- 
ance violation documentation; 



This PDF of U.S. Utility Patent 6735701 provided by Patent Fetche? ' M . a product of Stroke of Color, Inc. ■ Page 64 of 65 



US 6,735; 

23 

automalically determining from the knowledge base 
policy compliance violation documentation that the 
initial compliance policy option is ineffective; 

automalically selecting from the database and recom- 
mending to the system administrator an alternate 5 
compliance policy option; and 

automatically requesting that the system administrator 
confirm the change to the alternate compliance 
policy option, 

whereby compliance policy options are dynamically to 
altered and provided to the system administrator in 
order to eliminate ineffective compliance policy 
options: 

12, An article of manufacture for dynamically assisting a 
system administrator of a computer network in upgrading is 
compliance policy based on behavior of system users, the 
article of manufacture comprising a computer- readable-stor- 
age medium having a computer program embodied therein 
that causes the computer network to perform the stepsof: 

storing in a database a plurality of compliance policy 2f> 
options; 

developing an initial compliance policy option potentially 
applicable to network users; 
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automatically evaluating over. lime the appropriateness of 
the; initial compliance policyoptidn based on thc poienr 
lially evolving compliance history of users; 

automatically compiling and providing to the system 
administrator over lime a dynamic knowledge base 
comprising automated network user policy compliance 
violation document atinn; 

automatically determining from the knowledge base 
policy compliance violation documentation that the 
initial compliance policy option is ineffective; 

automatically selecting from the database and recom- 
mending to the system administrator an alternate com- 
pliance policy option; and 

automatically requesting that the system administrator 
confirm the chance to the alternate compliance policy 
option, 

whereby compliance policy options arc dynamically 
altered and provided to the system administrator in 
order to eliminate ineffective compliance policy 
options. 
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